Colored Petri nets as the enabling technology in Intrusion Detection Systems Andrey M. Dolgikh MS in Computer Engineering Degree and Specialization Sought:

Presentation transcript:

Colored Petri nets as the enabling technology in Intrusion Detection Systems Andrey M. Dolgikh MS in Computer Engineering Degree and Specialization Sought: Doctor of Philosophy in Electrical & Computer Engineering

Conventional antivirus. Signature database. Program: _____ BRAKEIT. Signature: BRAKEIT. Match: perfect match – virus detected.

Part of program Virus body detected Signature BRAKEIT BRAKEIT

Part of program Signature BRAKEIT BRaKEiT

Utilization of binary signatures (source: Kaspersky Lab). Current IDS depend on ever-growing databases of binary signatures.

Utilization of Malicious functionalities (source: Trend Micro Inc.)

Understanding behavior
Sentence: – Send the password to the Internet
Words: – Password, Internet, The, Send, To
Letters: – PasswordInternetTheSendTo

Behavior
[Diagram labels: User mode; Kernel mode; System Service Executive; File Objects; Memory Sections; Handle 1, Handle 2, Handle 5; Operations (Open/read, Cmd /c dir, Open/write); System Calls; API calls (API1, API2, API3, API6, API7); Functionality level]
In natural language – words: something, password, useful, do, send, internet
MS Excel: Do something useful
Virus: Send password to Internet

Functionality
[Diagram labels: Call #5, Call #8, Call #11, Call #22; Chain 5,11; Functionality]
How to model functionalities? – Via CPN.
How does CPN work? – It assembles appropriate system calls into a functionality.
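The chaining idea on this slide, as an added example that is not part of the original presentation: a minimal colored-Petri-net-style matcher in which each system call fires a transition only when tokens of the matching color (process id and handle) are already present. The syscall names, place names and traces are constructed for illustration, and tokens are simply consumed on firing, which is a simplification of a full CPN.

```python
from collections import Counter, defaultdict

# Transition per syscall: (input places, output place). Names are constructed.
NET = {
    "open":    ((), "file"),
    "read":    (("file",), "data"),
    "connect": ((), "sock"),
    "send":    (("data", "sock"), "functionality"),
}
# Token colour per place: which event fields a token in that place carries.
COLOUR = {
    "file": ("pid", "handle"),
    "data": ("pid",),
    "sock": ("pid", "handle"),
    "functionality": ("pid",),
}

def colour(place, ev):
    return tuple(ev[f] for f in COLOUR[place])

def run(trace):
    """Replay (call, pid, handle) events; return pids that reached 'functionality'."""
    marking = defaultdict(Counter)          # place -> multiset of coloured tokens
    for call, pid, handle in trace:
        if call not in NET:
            continue                        # syscall is not part of this net
        ev = {"pid": pid, "handle": handle}
        inputs, output = NET[call]
        need = [(p, colour(p, ev)) for p in inputs]
        if all(marking[p][c] > 0 for p, c in need):      # transition enabled
            for p, c in need:
                marking[p][c] -= 1                       # consume input tokens
            marking[output][colour(output, ev)] += 1     # produce output token
    return sorted(c[0] for c, n in marking["functionality"].items() if n > 0)

# Constructed traces. Unrelated calls are interleaved in the first one.
CHAINED = [("open", 100, 3), ("stat", 100, 0), ("read", 100, 3),
           ("connect", 100, 7), ("close", 100, 3), ("send", 100, 7)]
# Same calls, but the read and the send belong to different processes,
# and pid 300 reads a handle it never opened.
UNCHAINED = [("open", 100, 3), ("read", 100, 3), ("connect", 200, 7),
             ("send", 200, 7), ("read", 300, 9)]

if __name__ == "__main__":
    print(run(CHAINED), run(UNCHAINED))
```

Unlike the byte-signature match on the earlier slides, the interleaved `stat` and `close` calls do not prevent the match, while the same call names spread across unrelated processes or handles do not trigger it.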

Questions ???