INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION - PowerPoint PPT Presentation

Loading...

PPT – INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION PowerPoint presentation | free to download - id: 3bb96c-NTNhM



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION

Description:

intrusion detection intrusion detection intrusion detection intrusion detectionintrusion detection intrusion detection ... – PowerPoint PPT presentation

Number of Views:756
Avg rating:5.0/5.0
Slides: 23
Provided by: csFsuEdu7
Learn more at: http://www.cs.fsu.edu
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION


1
INTRUSION DETECTION INTRUSION DETECTION
INTRUSION
DETECTION INTRUSION DETECTION
INTRUSION DETECTION INTRUSION
DETECTION INTRUSION
DETECTION INTRUSION DETECTION
DETECTION INTRUSION
DETECTION INTRUSION DETECTION INTRUSION
DETECTION
INTRUSION DETECTION INTRUSION DETECTION
INTRUSION DETECTION
INTRUSION DETECTION INTRUSION
DETECTION INTRUSION DETECTION INTRUSION
DETECTION
INTRUSION DETECTION
INTRUSION DETECTION INTRUSION DETECTION
INTRUSION DETECTION INTRUSION
DETECTION
DETECTION INTRUSION DETECTION
INTRUSION DETECTION INTRUSION
DETECTION INTRUSION DETECTION
2
A presentation over term paperonintrusion
detectionbyanuja jain(MS in computer
science)monica achury(MS in computer science)
  • Anomaly Detection
  • Misuse Detection

3
Definition
  • INTRUSION
  • - The potential possibility of a deliberate
    unauthorized attempt to
  • Access information
  • Manipulate information
  • Render a system unreliable or unusable
  • INTRUSION DETECTION
  • - The process of identifying and responding to
    intrusion activities

4
Types of Intrusion
  • There are six types of Intrusions
  • Attempted break-ins
  • Masquerade attacks
  • Penetration of the security control system
  • Leakage
  • Denial of service
  • Malicious use

5
Intrusion Detection Techniques
  • Anomaly Detection
  • Static
  • Dynamic
  • Misuse Detection
  • Ex- NIDES, MIDAS, STAT

6
Anomaly Detection Systems
  • Statistical approaches
  • Tripwire, Self/Non-self
  • Dynamic /Predictive pattern generation
  • NIDES, Pattern Matching (UNM)

7
Anomaly Detection
probable intrusion
activity measures
Relatively high false positive rate -
anomalies can just be new normal activities.
8
Misuse Detection Systems
  • Expert Systems
  • Keystroke Monitoring
  • Model Based Intrusion Detection

9
Misuse Detection
Example if (src_ip dst_ip) then land attack
Cant detect new attacks
10
IDS Design
11
Components of IDS
system activities are observable
normal and intrusive activities have distinct
evidence
12
Important Features
  • Fault tolerant.
  • Minimum human supervision.
  • Resist subversion.
  • Minimal Overhead.
  • Platform Independent

Continued
13
  • Adaptable.
  • Easy to Deploy.
  • Detect different types of attacks.
  • Anomaly detection schemes
  • Misuse detection schemes
  • Combination of both
  • Hardware / Software must be synchronized.
  • Good data mining techniques

14
Data Mining
  • Definition The semi-automatic discovery of
    patterns, associations, changes, anomalies,
    rules, and statically significant structures and
    events in data.
  • Data such as,
  • Failed connection attempts
  • Connection delays
  • Source/Destination data packets

15
Data Mining Algorithms
  • Extract knowledge in the form of models
  • from data.
  • Classification
  • Regression
  • Clustering
  • Association rule abduction
  • Sequence Analysis
  • Others

16
Data Mining Techniques
  • It allows the system to collect useful knowledge
    that describes a users or programs behavior
    from large audit data sets.
  • Examples
  • Statistics
  • Artificial Neural Network
  • Rule Learning
  • Neuro-Fuzzy

17
IDS Evaluation
  • Rate of false positives
  • Attack detection rate
  • Maintenance cost
  • Total cost

18
IDS for Mobile Wireless Systems
19
Designing for Wireless Networks
  • Problems with Wireless Networks
  • Open Medium
  • Dynamic changing network topology
  • Lack of decentralized monitoring
  • Less known security measures
  • Data is harder to collect

20
One proposed IDS design by Georgia Institute of
Technology
  • Individual IDS agents are placed on each an every
    node.
  • Monitors local activities
  • User, system and communication activities
  • Nodes cooperate with each other.
  • Investigate together at a broader range
  • A secure communication channel among the IDS
    Agent.

21
references
  • Chebrolu, S., Abraham, A., Thomas, J.P. Feature
    Detection and Ensemble Design of Intrusion
    Detection Systems. Computers and security,
    http//dx.doi.org/10.1016/j.cose.2004.09.008
  • Zhang, Y., Lee, W., and Huang, Y. 2003. Intrusion
    detection techniques for mobile wireless
    networks. Wirel. Netw. 9, 5 (Sep. 2003), 545-556.
    DOI http//dx.doi.org/10.1023/A1024600519144
  • J.P Anderson. Computer Security Threat Monitoring
    and Surveillance. Technical report, James P
    Anderson Co., Fort Washington, Pennsylvania,
    April 1980
  • Eugene H Spafford. Security Seminar, Department
    of Computer Sciences, Purdue University, Jan
    1996.
  • Biswanath Mukherjee, L Todd Heberlein and Karl N
    Levitt. Network Intrusion Detection , IEEE
    Network, May/June 1994, pages 26-41.

22
Questions???
About PowerShow.com