stat 120 - IntrusionDetection By...

1 Intrusion Detection
  By Himani Singh ([email protected]) & Kavita Khanna ([email protected])
  (CS-265, Fall-2003)
2 Intrusion Detection – “Presentation Outline”
  o How an Intruder gets access?
  o Security Holes and Vulnerabilities
  o What is Intrusion Detection?
  o Typical intrusion scenario
  o Host based and Network based Intrusion Detection.
  o Knowledge based and behavioral based Intrusion Detection.
  o False positives / false alarms.
  o Do I need IDS if I already have a firewall?
3 How an Intruder gets access
  Intruder
  o hacker and/or cracker who hacks into systems and does unauthorized/malicious activities
  How does an intruder get access?
  o Physical Intrusion: remove some hardware, disk, memory…
  o System Intrusion: low-privilege user account
  o Remote Intrusion: across network
4 Security Holes and Vulnerabilities
  What?
  o Software bugs
  o System configuration
  o Bad Password Policy
  o Traffic Sniffing
  o Design flaws
5 Security Holes and Vulnerabilities
  Software bugs
  o Buffer overflows – input overflowed with intentionally crafted code.
  o Unexpected combinations: PERL can send some malicious input to another program
  o Unhandled input: action on invalid input?
  o Race conditions: rare but possible
  System configuration
  o Default configurations - easy-to-use configurations
  o Lazy administrators: empty root/administrator password
  o Hole creations: Turn off everything that doesn't
6 Security Holes and Vulnerabilities (Cont…)
  Password cracking
  o Weak passwords, dictionary attacks, brute force, etc.
  Sniffing unsecured traffic
  o Shared medium
  o Server sniffing
  o Remote access
  Design flaws
  o TCP/IP protocol flaws
    - Smurf – ICMP request with the victim's address as the return address
    - SYN Flood – target runs out of resources; combined with IP spoofing
  o UNIX design flaws
  o Distributed DoS attack – Amazon and Yahoo
  Do not forget Social Engineering
  o Hacker “Kevin Mitnick” told Congress that he used technology only 2% of the time
7 What is Intrusion Detection
  o Intrusion: An unauthorized activity or access to an information system. Attack originated outside the organization.
  o Misuse: Attacks originating inside the organization.
  o Intrusion Detection (ID): the process of detecting whether Intrusion / Misuse has been attempted, is occurring, or has occurred. [1]
  o Intrusion and/or misuse can be as severe as stealing sensitive information or misusing your email system for Spam
  o ID runs continuously
  o Does both Detection and Response
  [1] The practical Intrusion Detection book by Paul E. Proctor.
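An added example (not part of the original slides): a minimal detection check for the SYN flood named on slide 6, counting half-open TCP handshakes per service to decide whether the attack "is occurring". The packet record layout, the window and the threshold are assumptions chosen for illustration, and the sample traffic is constructed.

```python
from collections import defaultdict

def build_sample():
    """Constructed records: (time_s, src_ip, src_port, dst_ip, dst_port, flag).
    Only client-to-server packets are modelled: 'S' = SYN, 'A' = handshake-completing ACK."""
    pkts = []
    # Two legitimate clients that complete the three-way handshake.
    for i, src in enumerate(["192.0.2.10", "192.0.2.11"]):
        pkts.append((0.1 + i, src, 40000 + i, "198.51.100.5", 80, "S"))
        pkts.append((0.2 + i, src, 40000 + i, "198.51.100.5", 80, "A"))
    # Constructed flood: 30 SYNs from varying source addresses, never followed by an ACK.
    for i in range(30):
        pkts.append((2.0 + i * 0.01, f"203.0.113.{i + 1}", 50000 + i, "198.51.100.5", 80, "S"))
    return sorted(pkts)

def detect_syn_flood(packets, window_s=5.0, threshold=20):
    """Return {(dst_ip, dst_port): peak half-open count} for every service whose
    number of unanswered SYNs inside window_s exceeded threshold."""
    half_open = {}   # (src, sport, dst, dport) -> time the SYN was seen
    alerts = {}
    for ts, src, sport, dst, dport, flag in packets:
        key = (src, sport, dst, dport)
        if flag == "S":
            half_open[key] = ts
        elif flag == "A":
            half_open.pop(key, None)          # handshake completed, no longer half-open
        # Forget SYNs older than the window (the server would have timed them out).
        for k in [k for k, t in half_open.items() if ts - t > window_s]:
            del half_open[k]
        per_service = defaultdict(int)
        for (_, _, d, p) in half_open:
            per_service[(d, p)] += 1
        for svc, n in per_service.items():
            if n > threshold:
                alerts[svc] = max(alerts.get(svc, 0), n)
    return alerts

if __name__ == "__main__":
    for (ip, port), peak in detect_syn_flood(build_sample()).items():
        print(f"possible SYN flood against {ip}:{port}, peak half-open = {peak}")
```

Because the flood's source addresses vary, the count is kept per destination service rather than per source; a per-source counter would never trip.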
8 Typical intrusion scenario
  o Step 1: outside reconnaissance