1 Intrusion detection system (23-aug-05)

2 Overview of intrusion detection system: What is intrusion? What is intrusion detection? What is an intrusion detection system? Functions of IDS.

3 Process models of intrusion detection: 1. Information sources 2. Analysis 3. Response

4 IDS Architecture: Collection/storage unit. Processing unit. Alarm/response units.

5 Information sources: NIDS (network-based IDS). HIDS (host-based IDS). Application-based IDS.

6 IDS Analysis/Techniques: Misuse detection. Anomaly detection. Specification-based detection.

7 Misuse detection: Analyzes system activity. Matches the patterns of activity of a system to those of an attack. Advantages. Disadvantages.

8 Anomaly detection: Identifies abnormal, unusual behavior. Matches the attack against the normal pattern. Advantages. Disadvantages.

9 Specification-based detection: Combines anomaly and misuse detection. Advantages. Disadvantages.

10 Tools for IDS

11 Deploying IDS: Deployment of NIDS. Deployment of HIDS.

12 Deployment of NIDS (figure: Location 1, Location 2, Location 3, Location 4)

13 Deployment of HIDS

14 Strength of IDS: Monitoring and analysis of system events and user behavior. Testing the security states of system configuration. Tracking any changes to the baseline of the security system. Recognizing patterns of system events that correspond to known attacks. Recognizing patterns of normal activity.

15 Limitations: Detecting newly published attacks. Automatically investigating attacks without human intervention. Detecting attacks in heavily loaded networks.

16 Challenges with IDS: Protecting IDS from attacks. Too many false alarms. Choosing grid IDS policy.

17 Conclusion

18 Thank you

