On behalf of the program committee, it is our pleasure to present to you the proceedings of the fourth Recent Advances in Intrusion Detection Symposium. The RAID 2001program committee received 55 paper submissions from 13 countries. All submissions were carefully reviewed by several members of the program committee on the criteria of scienti?c novelty, importance to the ?eld, and technical quality. Final selection took place at a meeting held on May 16-17 in Oakland, California. Twelve papers were selected for presentation and pub- cation in the conference proceedings. In addition, nine papers, presenting work in progress, were selected for presentation. The program included both fundamental research and practical issues: l- ging and IDS integration, attack modeling, anomaly detection, speci?cati- based IDS, IDS assessment, IDS cooperation, intrusion tolerance, and legal - pects. RAID 2001also hosted two panels, one on "The Present and Future of IDS Testing Methodologies," a subject of major concern for all IDS users and de- gners, and one on "Intrusion Tolerance," an emerging research area of increasing importance. Dr. Bill Hancock, Senior Vice President and Chief Security O?cer of Exodus Communications, Inc., delivered a keynote speech "Real world intrusion det- tion or how not to become a deer in the headlights of an attacker's car on the information superhighway". The slides presented by the authors, the 9 papers which are not in the p- ceedings, and the slides presented by the panelists are available on the website of the RAID symposium series, http://www.raid-symposium.org/.