This preview shows pages 1–3. Sign up to view the full content.
This preview has intentionally blurred sections. Sign up to view the full version.View Full Document
Unformatted text preview: 12/19/2010 1 Unit 7: Audit and Intrusion Unit 7: Audit and Intrusion Detection Detection Part 2 Click Here to Start Audio Security Audit Analysis Security Audit Analysis (FAU_SAA) (FAU_SAA) c Analyze Audit Information Looking for Security Violations c FAU_SAA.1: Fixed Rule Set c FAU_SAA.2 Profile Based on User Profile c FAU_SAA.3 Simple Attack Heuristics - Signature Events c FAU_SAA.4 Complex Attack Heuristics - Multi-step Intrusion Scenarios Intrusion Detection Intrusion Detection Methodologies Methodologies c Attack Profile - Looks for specific known attack profiles (FAU_SAA.1, 3,4) c Behavior Profile - Application behavior is profiled over time and then abnormalities can be detected (FAU_SAA.2). 12/19/2010 2 Attack Attack-Based Intrusion Based Intrusion Detection Systems Detection Systems c Many Widely Available c Most Focus on Network Penetration Attacks (e.g., Firewalls) Microsoft’s Internet Security Microsoft’s Internet Security Acceleration(ISA) Server Acceleration(ISA) Server...
View Full Document
This note was uploaded on 02/20/2011 for the course TECH 7375 taught by Professor June during the Spring '11 term at University of Arkansas for Medical Sciences.
- Spring '11