INTRUDERS BY VISHAKHA RAUT TE COMP 411151. OUTLINE INTRODUCTION TYPES OF INTRUDERS INTRUDER BEHAVIOR PATTERNS INTRUSION TECHNIQUES QUESTIONS ON INTRUDERS.

Slides:

Advertisements

Similar presentations

Computer Security Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Chapters 14 and 15 Operating Systems: Internals and Design Principles,

Advertisements

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Chapter 18: Computer and Network Security Threats

Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 6 – Intrusion Detection.

Lecture 13 Intrusion Detection modified from slides of Lawrie Brown.

Cryptography and Network Security Chapter 20 Intruders

Web Defacement Anh Nguyen May 6 th, Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.

Security Issues and Challenges in Cloud Computing

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Lecture slides for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 8 “Intrusion Detection”.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.

Copyright © 2002 Pearson Education, Inc. Slide 5-1 PERTEMUAN 8.

Intrusion detection Anomaly detection models: compare a user’s normal behavior statistically to parameters of the current session, in order to find significant.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lecture 11 Intrusion Detection (cont)

Intrusion Detection. Intruders Classes (from [ANDE80]: Classes (from [ANDE80]: two most publicized threats to security are malware and intruders two most.

Cryptography and Network Security Chapter 20 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Information Systems CS-507 Lecture 40. Availability of tools and techniques on the Internet or as commercially available software that an intruder can.

Cryptography and Network Security Chapter 20. Chapter 20– Intruders They agreed that Graham should set the test for Charles Mabledene. It was neither.

AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)

Chapter 18 Intruders.

Cyber crime & Security Prepared by : Rughani Zarana.

Lecture 10 Intrusion Detection modified from slides of Lawrie Brown.

Business Computing 550 Lesson 6. 2 Security Threats on Web Sites Issues and vulnerabilities 1.Illegal Access and Use (Hacking the system or users exposing.

Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Business Plug-In B6 Information Security.

C8- Securing Information Systems

Software Security Testing Vinay Srinivasan cell:

Intrusion Detection Prepared by: Mohammed Hussein Supervised by: Dr. Lo’ai Tawalbeh NYIT- winter 2007.

Chapter 13 Understanding E-Security. 2 OBJECTIVES What are security concerns (examples)? What are two types of threats (client/server) Virus – Computer.

Operating system Security By Murtaza K. Madraswala.

Data Security and Encryption (CSE348) 1. Lecture # 26 2.

NS-H /11041 Intruder. NS-H /11042 Intruders Three classes of intruders (hackers or crackers): –Masquerader –Misfeasor –Clandestine user.

HIPS Host-Based Intrusion Prevention System By Ali Adlavaran & Mahdi Mohamad Pour (M.A. Team) Life’s Live in Code Life.

Name:Neha Madgaonkar Roll no:  What are intruders?  Types  Behavior  Techniques.

Kittiphan Techakittiroj (25/10/58 12:06 น. 25/10/58 12:06 น. 25/10/58 12:06 น.) Intrusion Detection System Kittiphan Techakittiroj

APPLICATION PENETRATION TESTING Author: Herbert H. Thompson Presentation by: Nancy Cohen.

CHAPTER 9 Sniffing.

Topic 5: Basic Security.

1 Chapter 9 Intruders. 2 Outline Intruders –Intrusion Techniques –Password Protection –Password Selection Strategies –Intrusion Detection Statistical.

BY SYDNEY FERNANDES T.E COMP ROLL NO: INTRODUCTION Networks are used as a medium inorder to exchange data packets between the server and clients.

Chap1: Is there a Security Problem in Computing?.

Intruders & Intrusion Detection Systems Intruders Three classes of intruders:Three classes of intruders: An individual who is not authorized to.

Database Security David Nguyen. Dangers of Internet  Web based applications open up new threats to a corporation security  Protection of information.

Security and Assurance in IT organization Name: Mai Hoang Nguyen Class: INFO 609 Professor: T. Rohm.

Chapter 9 Intruders.

Computer threats, Attacks and Assets upasana pandit T.E comp.

C OMPUTER THREATS, ATTACKS AND ASSETS DONE BY NISHANT NARVEKAR TE COMP

Databases Kevin Wright Ben Bruckner Group 40. Outline Background Vulnerabilities Log File Cleaning This Lab.

Sources of Network Intrusion Security threats from network intruders can come from both internal and external sources.  External Threats - External threats.

Computer Security Intrusion Detection. Intruders  A significant security problem for networked systems is hostile/unwanted, trespass by users or software.

 Computer Network Attack  “… actions taken through the use of computer networks to disrupt, deny, degrade, or destroy information resident in computers.

Chapter 9 Intruders.

Network Security Presented by: JAISURYA BANERJEA MBA, 2ND Semester.

Network Security Essentials

Secure Software Confidentiality Integrity Data Security Authentication

Operating system Security

NET 311 Information Security

NET 412 Network Security protocols

NET 412 Network Security protocols

Chapter 9 Intruders.

Ethical Hacking.

Lecture 8: Intrusion Detection

Cryptography and Network Security Chapter 20 Intruders

Operating System Concepts

Lecture 7: Intrusion Detection

Presentation transcript:

INTRUDERS BY VISHAKHA RAUT TE COMP

OUTLINE INTRODUCTION TYPES OF INTRUDERS INTRUDER BEHAVIOR PATTERNS INTRUSION TECHNIQUES QUESTIONS ON INTRUDERS REFERENCES

INTRODUCTION Publicized threats to security. Referred to as hacker or cracker. Intruder attacks ranges from benign to serious. The objective of the intruder is to gain access to a system or to increase the range of privileges accessible on a system. EXAMPLES:  Defacing a web server.  Guessing and cracking passwords.  Copying a database containing credit card numbers.  Dialing into an unsecured modem and gaining internal network access.

TYPES OF INTRUDERS ( pg no:643) 1) MASQUERADER:  Individual who is not authorized to use the computer.  Penetrates a system’s access controls to exploit a legitimate user’s account.  Likely to be an outsider. 2) MISFEASOR:  A legitimate user who accesses data, programs, or resources for which such access is not authorized, or who is authorized for such acess but misuses his or her privileges.  Generally is an insider. 3) CLANDESTINE USER:  An individual who seizes supervisory control of the system.  Uses this control to evade auditing and access controls or to suppress audit collection.  Either an outsider or an insider.

INTRUDER BEHAVIOR PATTERNS (pg no: ) 1)HACKERS: (pg no: )  Traditional hackers look for targets of opportunity and then share the information with others.  Hack into the computers for thrill of it or status.  The hacking community is a strong meritocracy in which status is determined by level of competence.  Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) is used to counter this type of hacker.  Organization need to restrict remote logons to specific IP adresses and/or use virtual private n/w technology.

2) CRIMINALS: (pg no: )  Criminal hackers have specific targets in mind.  Organized groups of hackers have become threat to internet – based systems.  Meet in underground forums to trade tips, data and coordinate attacks.  A common target is a credit card file at e-commerce server and attempt to gain root acess.  Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) is used for this type of attack but may be less effective becoz of quick in-and-out nature of the attack..  Database encryption should be used for sensitive customer information.

3) INSIDER ATTACKS: (pg no:646)  Difficult to detect and prevent.  Motivated by revenge or simply a feeling of entitlement.  Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) is used to counter insider attack.  Protect sensitive resources with strong authentication.  Upon termination, delete employee’s computer and n/w acess.  Set logs to see what users access and what commands they are entering.

INTRUSION TECHNIQUES (pg no: ) Most initial attacks use system or software vulnerabilities that allow a user to execute code that opens a back door into a system. Intruders can get access to a system by exploiting attacks such as buffer overflows on a program that runs with certain privileges. The intruder attempts to acquire information (user password) that should have been protected. With knowledge of some other user’s password, an intruders can log in to a system and exercise all the privileges accorded to the legitimate user.

QUESTIONS ON INTRUDERS 1)Write a short note on intruders (4 to 5 mks). 2) What are intruders (3 mks).

REFERENCES Operating System Internals and Design Principles (sixth edition).  By William Stallings.  Part 7 (Security).  Chp 14-Computer Security Threats  Pg no:

ANY QUESTIONS ???

THANKYOU