23-aug-05 Intrusion detection system

Overview of intrusion detection system
- What is intrusion?
- What is intrusion detection?
- What is an intrusion detection system?
- Functions of IDS

Process models of intrusion detection
1. Information sources
2. Analysis
3. Response

IDS Architecture
- Architecture collection/storage unit.
- Processing unit.
- Alarm/response units.

Information sources
- NIDS (network based IDS)
- HIDS (host based IDS)
- Application based IDS.

IDS Analysis/Techniques
- Misuse detection
- Anomaly detection
- Specification-based detection

Misuse detection
- Analyzes system activity
- Matches the patterns of activity of a system to that of an attack
- Advantages
- Disadvantages

Anomaly detection
- Identifies abnormal, unusual behavior.
- Matches the attack with normal pattern.
- Advantages
- Disadvantages

Specification based detection
- Combines anomaly & misuse detection.
- Advantages.
- Disadvantages.

Tools for IDS

Deploying IDS
- Deployment of NIDS.
- Deployment of HIDS.

Deployment of NIDS
[Figure: NIDS deployment, showing Location 1, Location 2, Location 3, Location 4]

Deployment of HIDS.

Strength of IDS
- Monitoring and analysis of system events and user behavior.
- Testing the security states of system configuration.
- Tracking any changes to the baseline of the security system.
- Recognizing patterns of the system events that correspond to known attacks.
- Recognizing patterns of normal activity.

Limitations
- Detecting newly published attacks.
- Automatically investigating attacks without human intervention.
- Detecting attacks in heavily loaded networks.

Challenges with IDS
- Protecting IDS from attacks.
- Too many false alarms.
- Choosing grid IDS policy.

Conclusion

Thank you