Cyber Security Tools. By Jim White, WiredCity, Div. of OSIsoft. Copyright © 2004 OSIsoft Inc. All rights reserved.

Presentation transcript:


Security Tools
The term “Tools”
– Not a replacement for experienced professionals (intelligence behind the wheel, not under the hood)
– Not a substitute for good security policies and procedures
– Goals: Detect, Prevent, Delay, Mitigate

Security Tools
– Proliferating with the increase in attacks
– Many claim to be “the holy grail”
– Some are marketed as “the security solution”
– How do they fit into a security strategy?

Security Service Model
(Diagram slide) Courtesy of NIST pub

Security Tools
– Firewalls
– Host/Network based Intrusion Detection
– Intrusion Prevention Systems
– Network Scanners
– Security Event Management Systems
– File Integrity Systems
– Vulnerability Analyzers

Intrusion Detection Systems (IDS)
Most IDS look for signature-based suspicious activity
– Known, published attack signatures (e.g. viruses)
Newer IDS models are based on anomaly detection
– Statistical baseline of operations: develop a behavior profile, look for statistical differences, look for abnormal behavior
– Packet signature or protocol anomalies
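The statistical-baseline approach on this slide, as an added illustration (not code from the original presentation): a per-host behavior profile is learned from a quiet window of connection counts, and later observations are scored by how many standard deviations they sit from that profile. Hosts, counts and the 3-sigma threshold are constructed assumptions; a host with no baseline is reported as unknown rather than silently scored.

```python
import statistics

# Constructed baseline: per-minute connection counts from a quiet learning
# window (hypothetical values, not from the original slides).
BASELINE = {
    "plc-01": [4, 5, 4, 6, 5, 4, 5, 5, 6, 4],
    "hmi-02": [20, 22, 19, 21, 23, 20, 22, 21, 20, 22],
}

# Constructed observations to score against the learned profile.
OBSERVED = [
    ("plc-01", 5),    # within profile
    ("plc-01", 40),   # far above profile: anomaly
    ("hmi-02", 21),   # within profile
    ("hmi-02", 2),    # far below profile: anomaly (host gone quiet)
    ("rtu-09", 7),    # never baselined: cannot be scored
]


def build_profile(baseline):
    """Learn mean and population stdev per host: the 'behavior profile'."""
    return {host: (statistics.mean(s), statistics.pstdev(s))
            for host, s in baseline.items()}


def score(profile, host, value, threshold=3.0):
    """Return (verdict, z) where verdict is 'normal', 'anomaly' or 'unknown'."""
    if host not in profile:
        return "unknown", None
    mean, stdev = profile[host]
    if stdev == 0:
        # Degenerate baseline (constant traffic): any change is anomalous.
        z = 0.0 if value == mean else float("inf")
    else:
        z = (value - mean) / stdev
    return ("anomaly" if abs(z) > threshold else "normal"), z


def detect(baseline, observed, threshold=3.0):
    """Score every observation; returns (host, value, verdict, z) tuples."""
    profile = build_profile(baseline)
    return [(h, v, *score(profile, h, v, threshold)) for h, v in observed]


if __name__ == "__main__":
    for host, value, verdict, z in detect(BASELINE, OBSERVED):
        print(f"{host:8} {value:4} {verdict:8} z={z}")
```

The threshold trades missed detections for false alarms; a baseline captured while an intrusion was already under way will teach the profile to accept it, which is why the learning window itself needs review.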

Intrusion Detection Control Network - PLCs

Intrusion Detection Control Network – SCADA System

Intrusion Detection Control Network - DCS

Intrusion Detection Cisco Firewall

Intrusion Prevention System (IPS)
Inline NIDS that acts like a bridge
– Basically a NIDS with the blocking capability of a firewall
– Sits between the systems needing protection
– Unlike a bridge, does packet content analysis for signatures
Layer Seven switches
– Look at layer 7 information (DNS, HTTP, SMTP) and make routing decisions
– Good for protecting against DoS attacks (known signatures)

Intrusion Prevention System (IPS)
Application Firewall / IDS
– Typically loaded on the host to be protected; comes with overhead that can be a management headache
– Customizable to look for application behavior: memory management, API calls, interaction between the application and the operating system
– Prevents by blocking unknown behavior
– Can be dangerous for control systems
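An added example (not from the original presentation) of the "block unknown behavior" model and why the slide calls it dangerous for control systems: an allowlist of (process, API call) pairs is learned while the host-based tool is in learning mode, and production calls outside it are either blocked or only alerted on. The process name, API names and traces are constructed assumptions; a legitimate shutdown path that never ran during learning is blocked exactly like the suspicious call.

```python
# Constructed learning-mode trace: (process, API call) pairs observed while
# the application firewall profiles normal behavior (hypothetical names).
TRAINING = [
    ("hmi.exe", "ReadFile"), ("hmi.exe", "WriteFile"), ("hmi.exe", "connect"),
    ("hmi.exe", "ReadFile"), ("hmi.exe", "connect"), ("hmi.exe", "VirtualAlloc"),
]

# Constructed production trace. The last call is a legitimate but rare
# emergency-shutdown path that never executed during the learning window.
PRODUCTION = [
    ("hmi.exe", "ReadFile"),
    ("hmi.exe", "CreateRemoteThread"),   # unseen: worth stopping
    ("hmi.exe", "DeviceIoControl"),      # unseen: legitimate shutdown path
]


def learn_profile(trace):
    """Allowlist of (process, api) pairs seen during learning mode."""
    return set(trace)


def evaluate(profile, trace, mode="enforce"):
    """Decide each call: 'allow' if profiled; otherwise 'block' in enforce
    mode or 'alert' in monitor mode (the safer first deployment on a plant)."""
    decisions = []
    for proc, api in trace:
        if (proc, api) in profile:
            decisions.append((proc, api, "allow"))
        elif mode == "enforce":
            decisions.append((proc, api, "block"))
        else:
            decisions.append((proc, api, "alert"))
    return decisions


def count_blocked(decisions):
    """Number of calls the tool would actually stop."""
    return sum(1 for _, _, verdict in decisions if verdict == "block")


if __name__ == "__main__":
    profile = learn_profile(TRAINING)
    for mode in ("enforce", "monitor"):
        print(mode, evaluate(profile, PRODUCTION, mode))
```

Running in monitor mode first, and extending the learning window to cover rare but legitimate operations such as shutdown and maintenance procedures, is how the false-positive block on the control path is found before it matters.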

Vulnerability Scanners/Analyzers
Passive fingerprinters
– Identify hosts and devices on the network
– Some will report the services running
Network vulnerability scanner
– Views the network from a hacker’s perspective
– Extremely noisy and prone to false positives
– Dangerous: crashes the target in many cases

IT Security Tools
– No tool is “the answer”
– Always use a layered approach: “security-in-depth”
– Implement good policies and procedures before tools