Here is a link to the PDF.
I have *not* had a chance to read the entire paper; however, I did find Appendix C very interesting.
The lists below provide examples of tools and resources that may be helpful. It is interesting to see who did and did not make the list. I would have added a few others; however, I am not NIST. Additionally, I found this publication to be more of a management overview as opposed to a technical document. Better off reading numbers 2 and 3 from the above list IMO.
- Bace, Rebecca, Intrusion Detection, Macmillan Technical Publishing, 2000.
- Bejtlich, Richard, Extrusion Detection, Addison-Wesley, 2005.
- Bejtlich, Richard, The Tao of Network Security Monitoring: Beyond Intrusion Detection, Addison-Wesley, 2004.
- Crothers, Tim, Implementing Intrusion Detection Systems: A Hands-On Guide for Securing the Network, 2002.
- Endorf, Carl et al., Intrusion Detection and Prevention, McGraw-Hill Osborne Media, 2003.
- Kruegel, Chris et al., Intrusion Detection and Correlation: Challenges and Solutions, Springer, 2004.
- Nazario, Jose, Defense and Detection Strategies Against Internet Worms, Artech House Publishers, 2003.
- Northcutt, Stephen and Novak, Judy, Network Intrusion Detection: An Analyst’s Handbook, Third Edition, New Riders, 2003.
- Rash, Michael et al., Intrusion Prevention and Active Response: Deployment Network and Host IPS, Syngress, 2005.