Intrusion Detection System
Kittiphan Techakittiroj (25/10/58 12:06)


Intrusion Detection System
Monitoring the network activities
Detect the signs of intrusion
The earlier we detect, the faster we prevent, and the more secure we are.
Detection is not 100% correct
  – high false alarm rate: fewer intrusions, but annoys users
  – low false alarm rate: more intrusions

Characteristic of Intruders
Masquerader (mostly outsider)
  – unauthorized user of the system
Misfeasor (mostly insider)
  – authorized user who accesses unauthorized resources
  – authorized user who misuses privileges
Clandestine user
  – unauthorized user who gains supervisory privileges to alter the system (audit, access)
IDS: Intrusion Detection Systems

Type of IDS
Audit Records
  – log files investigation
Statistical Anomaly Detection
  – statistics-based technique
Rule-Based Intrusion Detection
  – specify a sequence of actions or events that indicates the intrusion

Audit Records
Fundamental tool
Investigate the ongoing activity
Two basic strategies
  – Native audit records: standard log files or user accounting information on many OSes.
  – Detection-specific audit records: special software to monitor specific activities.
Examples of record information are Subject, Action, Object, Exception-Condition, Resource-Usage, Time-stamp

Statistical Anomaly Detection
Analyze statistical data
Any unusual change indicates a sign of intrusion
Some metrics or statistical data
  – Counter (increment): login period, failed logins
  – Gauge: logical connections, user processes
  – Interval Timer: time between two related events
  – Resource Utilization: CPU time, network traffic
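An added example, not part of the original slides: the counter metric (failed logins) computed from audit records in the six-field layout and compared with a per-user profile. The comma-separated record layout, the hourly window, the mean + k standard deviations threshold, and all names and sample data are assumptions made for the illustration.

```python
import statistics
from collections import Counter, namedtuple

# Fields named on the Audit Records slide, in that order.
AuditRecord = namedtuple(
    "AuditRecord", "subject action object exception usage timestamp")

def parse(line):
    """Parse one comma-separated record (this layout is an assumption)."""
    parts = [p.strip() for p in line.split(",")]
    if len(parts) != 6:
        raise ValueError(f"expected 6 fields: {line!r}")
    return AuditRecord(*parts[:5], int(parts[5]))

def failed_logins(records, window=3600):
    """Counter metric: failed logins per (subject, hourly window)."""
    counts = Counter()
    for r in records:
        if r.action == "login" and r.exception != "0":
            counts[(r.subject, r.timestamp // window)] += 1
    return counts

def alarms(counts, profiles, k):
    """Flag counts above the subject's profile: mean + k * std deviation."""
    flagged = []
    for (subject, win), n in counts.items():
        hist = profiles[subject]
        limit = statistics.mean(hist) + k * statistics.pstdev(hist)
        if n > limit:
            flagged.append((subject, win))
    return sorted(flagged)

# Constructed sample data: past hourly failed-login counts per user.
PROFILES = {"alice": [0, 1, 0, 2, 1, 0, 1, 1],
            "bob": [3, 4, 2, 5, 3, 4, 3, 4]}
# Constructed log: alice fails 3 times, bob fails 5 times, in the same hour.
LOG = (["alice, login, host1, bad-password, cpu=1, %d" % t for t in (10, 20, 30)]
       + ["bob, login, host1, bad-password, cpu=1, %d" % t
          for t in range(100, 600, 100)]
       + ["alice, login, host1, 0, cpu=1, 40"])

COUNTS = failed_logins(parse(line) for line in LOG)
STRICT = alarms(COUNTS, PROFILES, k=3)  # high threshold: fewer alarms
LOOSE = alarms(COUNTS, PROFILES, k=1)   # low threshold: also flags bob's usual hour

if __name__ == "__main__":
    print("k=3:", STRICT)
    print("k=1:", LOOSE)
```

With k=3 only alice's unusual hour is flagged; with k=1 bob's ordinary hour is flagged as well, which is the false-alarm trade-off stated on the first slide.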

Rule-Based Intrusion Detection
Rule-based anomaly detection
  – similar to the statistical approach, but the rules can be complicated
Rule-based penetration identification
  – uses an expert system to identify the intrusion
  – based on known knowledge of attacks
  – requires the knowledge to be updated
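An added example, not part of the original slides: rule-based penetration identification as a rule table of event sequences matched per subject against audit records. The single rule, the record tuple layout, the 600-second span and all names and events are constructed for the illustration; the rule table stands in for the knowledge that has to be kept up to date.

```python
from collections import defaultdict

# Constructed records: (timestamp, subject, action, object, exception).
EVENTS = [
    (10, "carol", "login", "host1", "bad-password"),
    (12, "carol", "login", "host1", "bad-password"),
    (15, "dave", "login", "host1", "0"),
    (20, "carol", "login", "host1", "0"),
    (25, "dave", "read", "/home/dave/notes", "0"),
    (30, "carol", "write", "/var/log/audit", "0"),
    (5000, "dave", "write", "/var/log/audit", "write-denied"),
]

# A rule is a named sequence of steps; each step is a predicate on one record.
RULES = {
    "login-after-failure-then-audit-write": [
        lambda e: e[2] == "login" and e[4] != "0",
        lambda e: e[2] == "login" and e[4] == "0",
        lambda e: e[2] == "write" and e[3].startswith("/var/log/"),
    ],
}

def match_rules(events, rules, max_span=600):
    """Return sorted (rule, subject, start, end) for each completed sequence."""
    hits = []
    # (rule, subject) -> (index of next step, time the sequence started)
    state = defaultdict(lambda: (0, None))
    for e in sorted(events):
        ts, subject = e[0], e[1]
        for name, steps in rules.items():
            idx, start = state[(name, subject)]
            if idx and ts - start > max_span:
                idx, start = 0, None  # sequence went stale: start over
            if steps[idx](e):
                idx, start = idx + 1, ts if idx == 0 else start
            if idx == len(steps):
                hits.append((name, subject, start, ts))
                idx, start = 0, None
            state[(name, subject)] = (idx, start)
    return sorted(hits)

if __name__ == "__main__":
    for hit in match_rules(EVENTS, RULES):
        print(hit)
```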

Reference Books
Cryptography and Network Security by William Stallings (Prentice Hall: 2003)