This manifesto is the result of the Perspective Workshop Network Attack Detection
and Defense held in Schloss Dagstuhl (Germany) from March 2nd–6th, 2008. The participants
of the workshop represent researchers from Austria, France, Norway, the Switzerland, the United States,
and Germany who work actively in the field of intrusion detection and network monitoring. The workshop
attendee’s opinion was that intrusion detection and flow analysis, which have been developed as complementary
approaches for the detection of network attacks, should more strongly combine event detection and correlation
techniques to better meet future challenges in future reactive security.
The workshop participants considered various perspectives to envision future network attack detection
and defense. The following topics are seen as important in the future: the development of early warning
systems, the introduction of situation awareness, the improvement of measurement technology, taxonomy of
attacks, the application of intrusion and fraud detection for web services, and anomaly detection.
In order to realize those visions the state of the art, the challenges, and research priorities were
identified for each topic by working groups. The outcome of the discussion is summarized in working group
papers which are published in the workshop proceedings. The papers were compiled by the editors to this
manifesto.