Presentation is loading. Please wait.

Presentation is loading. Please wait.

By Jim White WiredCity, Div. of OSIsoft Copyright c 2004 OSIsoft Inc. All rights reserved. Cyber Security Tools.

Published byPeter Porter Modified over 9 years ago

Similar presentations

Presentation on theme: "By Jim White WiredCity, Div. of OSIsoft Copyright c 2004 OSIsoft Inc. All rights reserved. Cyber Security Tools."— Presentation transcript:

1 By Jim White WiredCity, Div. of OSIsoft Copyright c 2004 OSIsoft Inc. All rights reserved. Cyber Security Tools

2 Security Tools The term “Tools” –Not a replacement for experienced professionals (intelligence behind the wheel not under the hood) –Not a substitute for good security policies and procedures –Goals: Detect-Prevent-Delay-Mitigate

3 Security Tools Proliferating with increase in attacks Many claim to be “ the holy grail” Some marketing as “ the security solution” How do they fit into a security strategy

4 Security Service Model Courtesy of NIST pub.800-33

5 Security Tools Firewalls Host/Network based Intrusion Detection Intrusion Prevention Systems Network Scanners Security Event Management Systems File Integrity Systems Vulnerability Analyzers

6 Intrusion Detection Systems (IDS) Most IDS look for signature based suspicious activity –Known published attack signatures (i.e. viruses) New IDS models based on anomaly detection –Statistical Baseline operations Develop behavior profile Look for statistical differences Look for abnormal behavior –Packet signature or protocol anomalies

7 Intrusion Detection Control Network - PLCs

8 Intrusion Detection Control Network – SCADA System

9 Intrusion Detection Control Network - DCS

10 Intrusion Detection Cisco Firewall

11 Intrusion Prevention System (IPS) Inline NIDS that acts like a bridge –Basically a NIDS with blocking capability of a firewall –Sits between systems needing protection –Unlike bridge, does packet content analysis for signatures Layer Seven switches –Looks at layer 7 info ( DNS,HTTP,SMTP) and makes routing decisions –Good to protect against DOS attacks ( known signatures)

12 Intrusion Prevention System (IPS) Application Firewall /IDS –Typically loaded on host to be protected Comes with overhead that could be a management headache –Customizable to look for application behavior Memory management API calls Interaction between application and operating system Prevents by blocking unknown behavior –Can be dangerous for control systems

13 Vulnerability Scanners/Analyzers Passive fingerprinters –identifies host and devices on network –some will report services running Network vulnerability scanner –Views the network from a hacker’s perspective –Extremely noisy and prone to false positives –Dangerous Crashes target in many cases

14 IT Security Tools No Tool is “ The answer” Always use a layered approach –“Security–in-depth” Implement good policies and procedures before tools

Download ppt "By Jim White WiredCity, Div. of OSIsoft Copyright c 2004 OSIsoft Inc. All rights reserved. Cyber Security Tools."

Similar presentations

Loss-Sensitive Decision Rules for Intrusion Detection and Response Linda Zhao Statistics Department University of Pennsylvania Joint work with I. Lee,

Loss-Sensitive Decision Rules for Intrusion Detection and Response Linda Zhao Statistics Department University of Pennsylvania Joint work with I. Lee,
Intrusion Detection System(IDS) Overview Manglers Gopal Paliwal Gopal Paliwal Roshni Zawar Roshni Zawar SenthilRaja Velu SenthilRaja Velu Sreevathsa Sathyanarayana.

Intrusion Detection System(IDS) Overview Manglers Gopal Paliwal Gopal Paliwal Roshni Zawar Roshni Zawar SenthilRaja Velu SenthilRaja Velu Sreevathsa Sathyanarayana.
Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
IDS/IPS Definition and Classification

IDS/IPS Definition and Classification
Presented by Justin Bode CS 450 – Computer Security February 17, 2010.

Presented by Justin Bode CS 450 – Computer Security February 17, 2010.
Intrusion Detection Systems and Practices

Intrusion Detection Systems and Practices
5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.

5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.
Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.

Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.
LittleOrange Internet Security an Endpoint Security Appliance.

LittleOrange Internet Security an Endpoint Security Appliance.
seminar on Intrusion detection system

seminar on Intrusion detection system
DIYTP 2009. Computer Security – Virus Scanners  Works in two ways:  List of known ‘bad’ files  Suspicious activity  Terminate and Stay Resident (TSR)

DIYTP Computer Security – Virus Scanners  Works in two ways:  List of known ‘bad’ files  Suspicious activity  Terminate and Stay Resident (TSR)
Host Intrusion Prevention Systems & Beyond

Host Intrusion Prevention Systems & Beyond
Lecture 11 Intrusion Detection (cont)

Lecture 11 Intrusion Detection (cont)
Department Of Computer Engineering

Department Of Computer Engineering
Intrusion Detection System Marmagna Desai [ 520 Presentation]

Intrusion Detection System Marmagna Desai [ 520 Presentation]
Network Intrusion Detection Systems Slides by: MM Clements A Adekunle The University of Greenwich.

Network Intrusion Detection Systems Slides by: MM Clements A Adekunle The University of Greenwich.
INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.

INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.
IDS Mike O’Connor Eric Tallman Matt Yasiejko. Overview IDS defined IDS defined What it does What it does Sample logs Sample logs Why we need it Why we.

IDS Mike O’Connor Eric Tallman Matt Yasiejko. Overview IDS defined IDS defined What it does What it does Sample logs Sample logs Why we need it Why we.

Similar presentations

Ads by Google