Presentation is loading. Please wait.

Presentation is loading. Please wait.

Presented by Justin Bode CS 450 – Computer Security February 17, 2010.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Presented by Justin Bode CS 450 – Computer Security February 17, 2010."— Presentation transcript:

1 Presented by Justin Bode CS 450 – Computer Security February 17, 2010

2 To show importance of network security http://vimeo.com/7151210

3 Why the need for IPS?

4  Anti-Virus Programs ◦ Need to be updated constantly – Might be too late ◦ React rather than protect  Firewalls ◦ Can block traffic but needs to allow some through ◦ Attacks can still get in  Intrusion Detection Systems ◦ Scans the network for signs of intrusion ◦ Merely reports – Requires user action to stop attacks ◦ IDS evasion techniques are becoming common

5 How do they work? Types of IPS?

6  Software based heuristic approach ◦ Similar to IDS but has added functionality to block  Sandbox ◦ Runs mobile code in isolated environment and looks at the result  Hybrid ◦ Uses multiple detection methods and blocks imminent attacks  Kernel Based Protection ◦ Agent installed between user application and kernel ◦ Malicious system calls are blocked.

7  Network based ◦ Inline hardware systems ◦ Uses signature, anomaly, and proprietary detection methods ◦ Traffic normalization – removes protocol ambiguities to ensure the NIPS sees the same thing as the end host  Cons? ◦ High rate of false positives ◦ What if NIPS goes down?

8

9  Host based ◦ Installed on host computer ◦ Hooks onto kernel and looks at all system calls ◦ If system call isn’t normal, it is blocked. ◦ Use of “interceptors” - StormWatch  File system  Network  Configuration  Execution space  Cons? ◦ Resource intensive – checking all calls, sandboxing

10

11 I’ll answer if I know it

12 SANS Institute – Intrusion Prevention Systems by Dinesh Sequeira November 2002 Wikipedia – Intrusion Prevention Systems (For the basic stuff)

Download ppt "Presented by Justin Bode CS 450 – Computer Security February 17, 2010."

Similar presentations

Intrusion Detection Systems (I) CS 6262 Fall 02. Definitions Intrusion Intrusion A set of actions aimed to compromise the security goals, namely A set.

Intrusion Detection Systems (I) CS 6262 Fall 02. Definitions Intrusion Intrusion A set of actions aimed to compromise the security goals, namely A set.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Guanjong High School Group 2. Physical Network Access Security Getting into a network closet could easily allow someone to disable computers and connect.

Guanjong High School Group 2. Physical Network Access Security Getting into a network closet could easily allow someone to disable computers and connect.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.

Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.
Safe IT – Protect your computer and Family from unwanted programs viruses and websites.

Safe IT – Protect your computer and Family from unwanted programs viruses and websites.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.

5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.
Host Intrusion Prevention Systems & Beyond

Host Intrusion Prevention Systems & Beyond
Intrusion Prevention System Group 6 Mu-Hsin Wei Renaud Moussounda Group 6 Mu-Hsin Wei Renaud Moussounda.

Intrusion Prevention System Group 6 Mu-Hsin Wei Renaud Moussounda Group 6 Mu-Hsin Wei Renaud Moussounda.
Department Of Computer Engineering

Department Of Computer Engineering
INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.

INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.
Project By Ben Woodard ISC 110 Professor: Dr. Elaine Wenderholm.

Project By Ben Woodard ISC 110 Professor: Dr. Elaine Wenderholm.
Security Guidelines and Management

Security Guidelines and Management
R. FRANK NIMS MIDDLE SCHOOL A BRIEF INTRODUCTION TO VIRUSES.

R. FRANK NIMS MIDDLE SCHOOL A BRIEF INTRODUCTION TO VIRUSES.
Security’s Final Fantasy Virtual Networks with User Mode Linux.

Security’s Final Fantasy Virtual Networks with User Mode Linux.
Computer Security Fundamentals by Chuck Easttom Chapter 9: Computer Security Software.

Computer Security Fundamentals by Chuck Easttom Chapter 9: Computer Security Software.
Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.

Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.

Similar presentations

Ads by Google