Flytrap: A Proposed Network-Based Strategy for Dynamically Managing Security.


System Elements (diagram labels): Intrusion Detection; Network routing; “Real” Systems; “Faux” Systems; Attack Database; Artificial Opponent; Faux Data Watermarking; Faux data; Real data

Detection Strategies
• No detection
• Rule-based detection
  – Simple firewall (stateless)
  – Stateful detection
• Intelligent detection
  – Anomaly detection
  – Attack classification

Observation
• Monitor integrity of all systems
• Isolate attacks to appropriate systems
  – Redirect attacks away from real systems
  – Generate attack logs usable by IDS and artificial opponents
  – Use an artificial opponent to collect more data
  – Conduct observation on system containing no “real” data

(Mis)information
• Use dynamically generated data to misinform attacker
  – Create a “believable” yet harmless base
  – Use a watermarking algorithm to produce variations on base
• Store watermark as evidence of attack
  – Data may be stored on attacker’s system
  – Data may be used in extortion schemes
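One way the watermarking step on this slide could work, as an added example that is not part of the presentation: each redirected session gets a keyed variation of the same harmless base, and a recovered copy, even a partial one, is matched back to the logged session. The records, session ids, key and the choice of the cents field as the mark carrier are all assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed sample data: a harmless "believable" base
# (record id, name, whole-dollar balance). Not from the presentation.
BASE = [
    (1001, "A. Lindqvist", 18250),
    (1002, "R. Okafor", 4720),
    (1003, "M. Tanaka", 96310),
    (1004, "J. Alvarez", 1275),
    (1005, "S. Novak", 33890),
]

def _cents(key: bytes, session_id: str, record_id: int) -> int:
    """Keyed per-session, per-record mark carried in the cents field (0-99)."""
    msg = f"{session_id}|{record_id}".encode()
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big") % 100

def make_variant(key, session_id, base=BASE):
    """Produce the faux data set served to one redirected session."""
    return [(rid, name, f"{dollars}.{_cents(key, session_id, rid):02d}")
            for rid, name, dollars in base]

def evidence_entry(key, session_id, src_ip, base=BASE):
    """Record to store: which source was served which variant, plus its digest."""
    blob = repr(make_variant(key, session_id, base)).encode()
    return {"session": session_id, "src": src_ip,
            "sha256": hashlib.sha256(blob).hexdigest()}

def attribute(key, recovered, sessions, min_ratio=0.8):
    """Match recovered records (possibly a partial copy) to a logged session."""
    best, best_hits = None, 0
    for sid in sessions:
        hits = sum(1 for rid, _name, bal in recovered
                   if bal.endswith(f".{_cents(key, sid, rid):02d}"))
        if hits > best_hits:
            best, best_hits = sid, hits
    # Require most recovered records to carry the mark before attributing.
    if recovered and best_hits / len(recovered) >= min_ratio:
        return best
    return None
```

The key never leaves the defender's side, so the mark cannot be recomputed or stripped selectively by someone holding only the faux data.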