Group5-FinalDraft - Intrusion Detection Prevention Systems...

Intrusion Detection & Prevention Systems – Exploring the Honeynet Approach & Snort Weaknesses

Authors: Francis, Charles Nenov, Martin Quaye, Dennis Surapaneni,

Outline

  • Overview
  • Firewalls
  • Types of IDS / IPS
  • Honeypots / Honeynets
  • Examples
  • Research
  • Modifications
  • Conclusion

Network Security overview

  • Security Principles
  • Physical Security
      • Disaster Resistant Building
      • Hot Site
      • Building Security
      • The Computer Box
  • Electronic Security
      • Logins/Passwords
      • Open ports
      • Firewalls
      • Bastion Host / DMZ – Demilitarized Zone

Firewalls – “Keeping outsiders out”

  • Network layer and packet filters
  • Application-layer
  • Proxies
  • Network address

Intrusion Detection Systems – “Sniffing fires”

  • A security management system for computers and networks.
  • Gathers and analyzes information from various areas within a computer or a network to identify possible security breaches
      • Intrusion
      • Misuse
      • Compromised Systems
  • Two different ways to detect
      • Anomaly Based
      • Signature Based

Signature Based Intrusion Detection

  • Examine network traffic
  • Using a ‘ruleset’, find anything in the traffic that fits a rule
  • A rule is a signature, a part of a known attack
  • If there is something that fits a rule, ban/block the traffic.
  • High detection rate for known attacks with rules written
  • Zero detection rate for unknown attacks, or attacks without a rule

Anomaly Based Intrusion Detection

  • Based on heuristics or rules, rather than patterns or signatures, and will detect any type of misuse that falls out of normal system operation.
  • Can detect attacks not known yet, attacks not common, or attacks that have already compromised a machine
  • High false positive rate / false negative rate
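
The trade-off between the signature-based and anomaly-based slides above, as an added example that is not part of the original slides: a small Python sketch that runs both detection styles over the same traffic. The ruleset, the baseline and the traffic samples are all constructed for illustration, and payload length is used as the only anomaly feature (an assumption; real systems model many features).

```python
import statistics

# Constructed ruleset: each signature is a byte pattern from a known attack.
RULES = {
    "path-traversal": b"../../",
    "cmd-exec": b"cmd.exe",
}

def signature_match(payload):
    """Return the names of all rules whose pattern occurs in the payload."""
    return [name for name, pattern in RULES.items() if pattern in payload]

class AnomalyDetector:
    """Flags payloads whose length is far from the learned baseline (z-score)."""

    def __init__(self, baseline, threshold=3.0):
        lengths = [len(p) for p in baseline]
        self.mean = statistics.mean(lengths)
        self.stdev = statistics.stdev(lengths)
        self.threshold = threshold

    def is_anomalous(self, payload):
        return abs(len(payload) - self.mean) / self.stdev > self.threshold

# Constructed "normal" traffic used to learn the baseline.
BASELINE = [b"GET /index.html", b"GET /about.html", b"GET /news/today.html",
            b"GET /img/logo.png", b"GET /contact.html", b"GET /faq.html"]

# Constructed test traffic: (label, payload).
TRAFFIC = [
    ("known attack", b"GET /../../etc/passwd"),            # a rule exists
    ("unknown attack", b"GET /search?q=" + b"A" * 400),    # no rule covers it
    ("benign but unusual", b"GET /report?" + b"id=1&" * 60),  # long legit query
    ("benign", b"GET /index.html"),
]

def evaluate():
    """Map each label to (signature_hit, anomaly_hit)."""
    detector = AnomalyDetector(BASELINE)
    return {label: (bool(signature_match(p)), detector.is_anomalous(p))
            for label, p in TRAFFIC}

if __name__ == "__main__":
    for label, (sig, anom) in evaluate().items():
        print(f"{label:20} signature={sig!s:5} anomaly={anom}")
```

The known attack is caught only by the signature check and looks normal to the anomaly check, while both the unseen attack and the unusual but legitimate request trip the anomaly check, which is the false-positive and false-negative cost the slide mentions.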

Points for Intrusion detection systems

  • Each IDS system the University of South Carolina buys is worth $100,000+, millions spent overall
  • Has to be worth quite a bit
  • Great for detecting automated malicious attacks from inside the network
  • Attack mitigation - Provides forensic information in case of attack