Research Directions for Network Intrusion Recovery

One of the most significant unsolved problems for network managers and system administrators is how to repair a network infrastructure after discovering evidence of an extensive compromise. The technical issues are compounded by a breathtaking variety of human factors. This paper highlight lessons learned from three real, significant, and recent intrusion incidents.