1. AGENDA History. WHAT’S AN IDS? Security and Roles Types of Violations. Types of Detection Types of IDS. IDS issues. Application.

Presentation transcript:


AGENDA
- History
- What's an IDS?
- Security and Roles
- Types of Violations
- Types of Detection
- Types of IDS
- IDS issues
- Application

History:
- 1970s: Observation by administrators
  - When an account is used
  - When/how much a resource is used
- Early 1980s: Usage models
  - First proposed by Anderson (1980)
  - Based on accounting logs
  - Login frequency, volume of data processed, etc.
  - Batch processing; not real time

What's an IDS?
- Any set of actions that attempt to compromise the confidentiality, integrity, or availability of a computer resource is called an IDS.
- The term is overloaded
- Trying to detect a policy violation

COMPUTER SECURITY AND ROLES:
- Confidentiality: Transforming data such that only authorized parties can decode it.
- Authentication: Proving or disproving someone's or something's claimed identity.
- Integrity checking: Ensuring that data cannot be modified without such modification being detectable.
- Non-repudiation: Proving that a source of some data did in fact send data that he might later deny sending.

TYPES OF VIOLATIONS:
- Attack
  - Attempts to exploit a vulnerability
  - Ex: denial of service, privilege escalation
- Intrusion
  - Acts as another legitimate user
- Misuse
  - User abuses privileges
  - Often called the "insider threat"

TYPES OF DETECTION:
- Misuse detection
  - Built with knowledge of "bad" behaviors
  - Collection of signatures
  - Examine event stream for signature match
- Anomaly detection
  - Built with knowledge of "normal" behaviors
  - Examine event stream for deviations from normal
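The two detection styles above, run side by side over the same kind of data, as an added example that is not part of the original slides. The signatures, log lines, user names, and the 3-standard-deviation threshold are all constructed assumptions; the per-user login-frequency baseline follows the usage-model idea from the History slide.

```python
import re
from statistics import mean, stdev

# Constructed signatures of known-"bad" behaviour (illustrative, not a real rule set).
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./\.\./"),
    "failed-root-login": re.compile(r"Failed password for root\b"),
}

# Constructed sample data: an event stream plus per-user logins/hour.
EVENTS = [
    "sshd: Accepted password for alice from 10.0.0.5",
    "sshd: Failed password for root from 10.0.0.9",
    "httpd: GET /index.html 200",
    "httpd: GET /../../etc/passwd 404",
]
HISTORY = {"alice": [4, 5, 6, 5, 4], "bob": [1, 2, 1, 2, 1]}  # "normal" behaviour
OBSERVED = {"alice": 5, "bob": 40, "mallory": 2}              # current hour

def misuse_detect(events):
    """Misuse detection: report (event index, signature name) for each match."""
    return [(i, name) for i, event in enumerate(events)
            for name, rx in SIGNATURES.items() if rx.search(event)]

def build_profile(history):
    """Anomaly detection, step 1: learn mean and spread of normal activity."""
    return {user: (mean(c), stdev(c)) for user, c in history.items()}

def anomaly_detect(profile, observed, k=3.0):
    """Anomaly detection, step 2: flag deviations of more than k std devs."""
    alerts = []
    for user, count in observed.items():
        if user not in profile:
            alerts.append((user, "no baseline"))  # never-seen user is itself a deviation
            continue
        mu, sigma = profile[user]
        # Floor sigma at 1.0 so near-constant baselines do not alert on tiny changes.
        if abs(count - mu) > k * max(sigma, 1.0):
            alerts.append((user, f"{count} logins vs mean {mu:.1f}"))
    return alerts

if __name__ == "__main__":
    print(misuse_detect(EVENTS))
    print(anomaly_detect(build_profile(HISTORY), OBSERVED))
```

Bob's 40 successful logins match no signature, so only the anomaly detector reports them; the signature matcher in turn names exactly which known-bad pattern it saw.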

SOME OF THE HACKING TOOLS:

Types of IDS
- Primary Types:
  - Network IDS (NIDS)
  - Host IDS (HIDS)
- Hybrid Types:
  - Per-Host Network IDS (PH-NIDS)
  - Load Balanced Network IDS (LB-NIDS)
  - Firewall IDS (FW-IDS)

NETWORK BASED (Advantages)
- Can get information quickly without any reconfiguration of computers.
- Does not affect the network or data sources
- Monitors and detects network attacks or misuse in real time
- Does not create system overhead

NETWORK BASED (Disadvantages)
- Cannot scan protocols if the data is encrypted
- Hard to implement on fully switched networks
- Has difficulty keeping up with networks that have very large bandwidth

Naïve Simulation Network
[Figure: test network containing an attack generator, a target host, the attack stream between them, and a NIDS]

What's happening?
In the above figure there are three computers:
1. Target host: it is also a main computer, and the client is working on it.
2. Attack generator: it is also a client-side computer, but it is used by the attacker.
3. NIDS: it means naïve system; using this system, the hacker tries to hack the data present in the target host.

IDS ISSUES:
- Lack of Physical Wires
- Bandwidth Issues
- Difficulty of Anomaly and Normality Distinction
- Possibility of a Node Being Compromised

ONTOLOGY SERVERS
- Ontology is a medical approach which is implemented in the networks platform.
- One of the approaches by which we can provide high security is using ontology servers.

HOW IT WORKS?
- Whenever the data is present in one or two servers, it becomes easy for a hacker to hack that data.
- So what the ontology server does is split the data present in the main server across four sub-servers.

CONTD.
- So whenever a hacker hacks any sub-server, he will get only partial information, which he cannot encrypt or decrypt.
- Suppose the client sends an API to the server to send the data which it sent; then the main server will send the APIs to the sub-servers, gather the information, and send it back to the client.

ADVANTAGES:
1. It provides high security.
2. Data loss is less.

DISADVANTAGES:
1. Time taken is more and cost is high.
2. Needs a large number of systems.

Conclusion:
- By making use of the above approach we can provide high security to any existing system.
- We can prevent intruders from intruding on the data.

FUTURE ENHANCEMENT:
- There is a need for a COMPETENT analyst
- Need someone who can fine-tune the IDS in order to avoid false positives or false negatives
- Must subscribe to popular advisories and security newsletters such as bugtraq, CERT, GIAC, SANS, and others
