INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION.

Slides:



Advertisements
Similar presentations
Intrusion Detection Systems (I) CS 6262 Fall 02. Definitions Intrusion Intrusion A set of actions aimed to compromise the security goals, namely A set.
Advertisements

Loss-Sensitive Decision Rules for Intrusion Detection and Response Linda Zhao Statistics Department University of Pennsylvania Joint work with I. Lee,
Application of Bayesian Network in Computer Networks Raza H. Abedi.
Data Mining and Intrusion Detection
IDS/IPS Definition and Classification
Report on Intrusion Detection and Data Fusion By Ganesh Godavari.
Intrusion Detection Techniques for Mobile Wireless Networks Authors: Yongguang Zhang, HRL Laboratories LLC, Malibu, California. Wenke Lee, College of Computing,
This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
Mobile Agents for Intrusion Detection Jaromy Ward.
1 Intrusion Detection CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 4, 2004.
Introduction to Intrusion Detection Systems Presented by Parwez.
ITIS 6010/8010 Wireless Network Security Dr. Weichao Wang.
Copyright 2002, Center for Secure Information Systems 1 Panel: Role of Data Mining in Cyber Threat Analysis Professor Sushil Jajodia Center for Secure.
Intrusion detection Anomaly detection models: compare a user’s normal behavior statistically to parameters of the current session, in order to find significant.
Mining Behavior Models Wenke Lee College of Computing Georgia Institute of Technology.
Building Knowledge-Driven DSS and Mining Data
Intrusion Detection Systems By Ali Hushyar. What is an intrusion? Intrusion: “any action or set of actions that attempt to compromise the integrity, confidentiality.
Intrusion Detection Systems. Definitions Intrusion –A set of actions aimed to compromise the security goals, namely Integrity, confidentiality, or availability,
By Edith Butler Fall Our Security Ways we protect our valuables: Locks Security Alarm Video Surveillance, etc.
Lecture 11 Intrusion Detection (cont)
Intrusion Detection Systems: A Survey and Taxonomy A presentation by Emily Fetchko.
INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.
Mark W. Propst Scientific Research Corporation.  Attack Motivations  Vulnerability Classification  Traffic Pattern Analysis  Testing Barriers  Concluding.
Intrusion and Anomaly Detection in Network Traffic Streams: Checking and Machine Learning Approaches ONR MURI area: High Confidence Real-Time Misuse and.
1. Introduction Generally Intrusion Detection Systems (IDSs), as special-purpose devices to detect network anomalies and attacks, are using two approaches.
Data Mining for Intrusion Detection: A Critical Review Klaus Julisch From: Applications of data Mining in Computer Security (Eds. D. Barabara and S. Jajodia)
CS490D: Introduction to Data Mining Prof. Chris Clifton April 14, 2004 Fraud and Misuse Detection.
Where Are the Nuggets in System Audit Data? Wenke Lee College of Computing Georgia Institute of Technology.
A Statistical Anomaly Detection Technique based on Three Different Network Features Yuji Waizumi Tohoku Univ.
Intrusion Detection Jie Lin. Outline Introduction A Frame for Intrusion Detection System Intrusion Detection Techniques Ideas for Improving Intrusion.
Intrusion Detection for Grid and Cloud Computing Author Kleber Vieira, Alexandre Schulter, Carlos Becker Westphall, and Carla Merkle Westphall Federal.
NATIONAL INSTITUTE OF SCIENCE & TECHNOLOGY Presented by:Manoj Kumar Gantayat CS: Technical Seminar Presentation by MANOJ KUMAR GANTAYAT.
A Vehicular Ad Hoc Networks Intrusion Detection System Based on BUSNet.
Intrusion Detection Presentation : 1 OF n by Manish Mehta 01/24/03.
Intrusion Detection Adam Ashenfelter Nicholas J. Tyrrell.
IIT Indore © Neminah Hubballi
Intrusion Detection Techniques for Mobile Wireless Networks Zhang, Lee, Yi-An Huang Presented by: Alex Singh and Nabil Taha.
MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.
Improving Intrusion Detection System Taminee Shinasharkey CS689 11/2/00.
Enhancing the Security of Corporate Wi-Fi Networks using DAIR PRESENTED BY SRAVANI KAMBAM 1.
Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.
23-aug-05Intrusion detection system1. 23-aug-05Intrusion detection system2 Overview of intrusion detection system What is intrusion? What is intrusion.
Distributed Anomaly Detection in Wireless Sensor Networks Ksutharshan Rajasegarar, Christopher Leckie, Marimutha Palaniswami, James C. Bezdek IEEE ICCS2006(Institutions.
Computer System Intrusion Detection: A Survey Anita K. Jones & Robert S. Sielken Presented by Peixian Li (Rick) For CS551/651 Computer Security.
Report on Intrusion Detection and Data Fusion By Ganesh Godavari.
An Overview of Intrusion Detection Using Soft Computing Archana Sapkota Palden Lama CS591 Fall 2009.
Kittiphan Techakittiroj (25/10/58 12:06 น. 25/10/58 12:06 น. 25/10/58 12:06 น.) Intrusion Detection System Kittiphan Techakittiroj
1 Intrusion Detection Methods “Intrusion detection is the process of identifying and responding to malicious activity targeted at computing and networking.
Intrusion Detection System (IDS). What Is Intrusion Detection Intrusion Detection is the process of identifying and responding to malicious activity targeted.
Intrusion Detection State of the Art/Practice Anita Jones University of Virginia.
Cryptography and Network Security Sixth Edition by William Stallings.
Artificial Intelligence Center,
Intrusion Detection Systems Paper written detailing importance of audit data in detecting misuse + user behavior 1984-SRI int’l develop method of.
Muhammad Mahmudul Islam Ronald Pose Carlo Kopp School of Computer Science & Software Engineering Monash University Australia.
Scientific Systems Not for Public Release SSCI #1301 DARPA OASIS PI MEETING – Santa Fe, NM - Jul 24-27, 2001 Intelligent Active Profiling for Detection.
A Blackboard-Based Learning Intrusion Detection System: A New Approach
Anomaly Detection. Network Intrusion Detection Techniques. Ştefan-Iulian Handra Dept. of Computer Science Polytechnic University of Timișoara June 2010.
The Utilization of Artificial Intelligence in a Hybrid Intrusion Detection System Authors : Martin Botha, Rossouw von Solms, Kent Perry, Edwin Loubser.
Risk-Aware Mitigation for MANET Routing Attacks Submitted by Sk. Khajavali.
1. ABSTRACT Information access through Internet provides intruders various ways of attacking a computer system. Establishment of a safe and strong network.
Application Intrusion Detection
Ch.22 INTRUSION DETECTION
Security Methods and Practice CET4884
Intrusion Detection Systems
Evaluating a Real-time Anomaly-based IDS
An Enhanced Support Vector Machine Model for Intrusion Detection
How to Detect Attacks and Supervise Rail Systems?
Intrusion Detection system
Modeling IDS using hybrid intelligent systems
Presentation transcript:

INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION

Anomaly Detection Misuse Detection A presentation over term paper on intrusion detection by anuja jain (MS in computer science) monica achury (MS in computer science)

Definition INTRUSION - The potential possibility of a deliberate unauthorized attempt to: Access information Manipulate information Render a system unreliable or unusable INTRUSION DETECTION - The process of identifying and responding to intrusion activities

Types of Intrusion There are six types of Intrusions Attempted break-ins Masquerade attacks Penetration of the security control system Leakage Denial of service Malicious use

Anomaly Detection  Static  Dynamic Misuse Detection Ex:- NIDES, MIDAS, STAT Intrusion Detection Techniques

Statistical approaches  Tripwire, Self/Non-self Dynamic /Predictive pattern generation  NIDES, Pattern Matching (UNM) Anomaly Detection Systems

Anomaly Detection activity measures probable intrusion Relatively high false positive rate - anomalies can just be new normal activities.

Misuse Detection Systems Expert Systems Keystroke Monitoring Model Based Intrusion Detection

Misuse Detection Intrusion Patterns activities pattern matching intrusion Can’t detect new attacks Example: if (src_ip == dst_ip) then “land attack”

IDS Design

Components of IDS Audit Data Preprocessor Audit Records Activity Data Detection Models Detection Engine Alarms Decision Table Decision Engine Action/Report system activities are observable normal and intrusive activities have distinct evidence activities have distinct evidence

Important Features Fault tolerant. Minimum human supervision. Resist subversion. Minimal Overhead. Platform Independent Continued…

Adaptable. Easy to Deploy. Detect different types of attacks.  Anomaly detection schemes  Misuse detection schemes  Combination of both Hardware / Software must be synchronized. Good data mining techniques

Data Mining Definition: The semi-automatic discovery of patterns, associations, changes, anomalies, rules, and statically significant structures and events in data. Data such as, Failed connection attempts Connection delays Source/Destination data packets

Data Mining Algorithms Extract knowledge in the form of models from data. Classification Regression Clustering Association rule abduction Sequence Analysis Others

Data Mining Techniques It allows the system to collect useful knowledge that describes a user’s or program’s behavior from large audit data sets. Examples: Statistics Artificial Neural Network Rule Learning Neuro-Fuzzy

IDS Evaluation Rate of false positives Attack detection rate Maintenance cost Total cost

IDS for Mobile Wireless Systems

Designing for Wireless Networks Problems with Wireless Networks Open Medium Dynamic changing network topology Lack of decentralized monitoring Less known security measures Data is harder to collect

One proposed IDS design by Georgia Institute of Technology Individual IDS agents are placed on each an every node.  Monitors local activities  User, system and communication activities Nodes cooperate with each other.  Investigate together at a broader range A secure communication channel among the IDS Agent.

references Chebrolu, S., Abraham, A., Thomas, J.P.: Feature Detection and Ensemble Design of Intrusion Detection Systems. Computers and security, Zhang, Y., Lee, W., and Huang, Y Intrusion detection techniques for mobile wireless networks. Wirel. Netw. 9, 5 (Sep. 2003), DOI= J.P Anderson. Computer Security Threat Monitoring and Surveillance. Technical report, James P Anderson Co., Fort Washington, Pennsylvania, April 1980 Eugene H Spafford. Security Seminar, Department of Computer Sciences, Purdue University, Jan Biswanath Mukherjee, L Todd Heberlein and Karl N Levitt. Network Intrusion Detection, IEEE Network, May/June 1994, pages

Questions???

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.