ParwazTalk.ppt - Introduction to Intrusion Detection...


Introduction to Intrusion Detection Systems
Presented by Parwez

Overview of Seminar
  • Introduction
  • Need for Intrusion Detection Systems
  • Classification of Systems
  • Anomaly Detection
  • Misuse Detection
  • Other Models and Directions
  • Conclusion
Introduction
  • The networking revolution has come of age.
  • The Internet is changing computing.
  • The possibilities and opportunities are limitless.
  • The risks and chances of malicious intrusions are increasing.
Intrusion attempt: the potential possibility of a deliberate unauthorized attempt to
  • Access information
  • Manipulate information
  • Render a system unreliable or unusable

The need for IDSs
A computer system should provide
  • Confidentiality
  • Integrity
  • Assurance
Subversion attempts try to exploit flaws in the operating system as well as in application programs and have resulted in spectacular incidents like the Internet Worm incident of 1988.
Ways to handle subversion attempts
Prevent subversion by building a completely secure system.
  • We could require all users to identify and authenticate themselves.
  • We could protect data by various cryptographic methods and very tight access control mechanisms.
Limitations
  • Complete security is not possible in real life.
  • Transition will be long in coming.
  • Cryptographic methods have their own problems.
  • Insiders can abuse their privileges.
  • The stricter the mechanisms, the lower the efficiency.

System (IDS)
  • An IDS detects attacks as soon as possible and takes appropriate action.
  • An IDS does not usually take preventive measures when an attack is detected.
  • It is a reactive rather than a proactive agent.
  • It plays the role of an informant rather than a police officer.
IDS (Contd.)
  • The most popular way to detect intrusions has been to use the audit data generated by the operating system.
  • An audit trail is a record of activities on a system that are logged to a file in chronologically sorted order.
  • Audit trails are particularly useful in establishing the guilt of attackers.
  • They are often the only way to detect unauthorized but subversive user activity.

IDS (Contd.)
Eugene Spafford reports:
  • Information theft is up over 250% in the last 5 years.
  • Spring '18
  • Network intrusion detection system, Host-based intrusion detection system, Intrusion detection system, anomaly detection, attack patterns
