This paper examines the pre-history and history of early intrusion detection expert systems by focusing the first such system, Intrusion Detection Expert System, or IDES, which was developed in the second half of the 1980s at SRI International (and SRI's follow-on Next Generation Intrusion Detection Expert System, or NIDES, in the early-to-mid 1990s). It also briefly recounts other early intrusion detection systems, the National Security Agency's Computer Misuse and Anomaly Detection (CMAD) Program, and analyzes the disproportionately high contributions of women scientists to leadership in intrusion detection system research and development relative to other computer security specialties.Intrusion detection systems are software-based systems that monitor computer user behavior audit data (and other computer system events) in order to detect and flag potential unauthorized access to and inappropriate use of a computer system. These detection systems can be used to help identify potential external perpetrators, internal misusers (who exceed or abuse privileges), and masquerading programs (Trojan horses). Perpetrators might be seeking to access or manipulate data (for criminal or non-criminal purposes), introducing malware (including but not limited to viruses, worms, and Trojan horses), or researching a system for a future attack.Intrusion detection systems (IDS) can operate either in batch mode (analyzing volumes of collected computer user behavior data and system events) or in real-time (analyzing users' behavior as they are actively on a computer system). Some intrusion detection systems include an expert system component-a rule-based, adaptive learning capability. This paper focuses on the pre-history and history of the most prominent and influential early intrusion detection expert system, which was developed at SRI International in the 1980s and generically took the name that quickly came to define its type-Intrusion Detection Expert System, or IDES. In exploring this history, the paper situates intrusion detection within the broader field of computer security and surveys the evolution of IDES into SRI's Next-Generation Intrusion Detection Expert System (NIDES) in the early 1990s. It also briefly examines the emergence of other prominent intrusion detection systems, the intrusion detection system research program at the National Security Agency (NSA), and the outsized contribution of women scientists to leadership in this field. In a short span of time-the early 1980s to the mid-1990s-intrusion detection