Intrusion Detection and Advanced Persistent Threats - PowerPoint PPT Presentation

About This Presentation

Title:

Intrusion Detection and Advanced Persistent Threats

Description:

CS 591 Andrew Bates ... 100 200 300 400 500 600 700 800 900 1000 1100 1200 1300 1400 1500 1600 1700 1800 1900 2000 2100 2200 2300 2400 2500 2600 2700 2800 2900 4000 ... – PowerPoint PPT presentation

Number of Views:196

Avg rating:3.0/5.0

Slides: 11

Provided by: and135

Learn more at: http://cs.uccs.edu

Category:

Tags: advanced | detection | intrusion | persistent | threats

Transcript and Presenter's Notes

Title: Intrusion Detection and Advanced Persistent Threats

1
Intrusion Detection and Advanced Persistent
Threats

CS 591
Andrew Bates
University of Colorado at Colorado Springs

2
Introduction

What is the Advanced Persistent Threat
Pattern Based Intrusion Detection
Proposal
Conclusion

3
What is APT

Combination of many existing known threats not
just Phishing or Spear Phishing
Social Engineering
Zero Day Exploits
Botnets
Whats different? Persistent!
Exploits custom built for a given attack
Threat or attack can span many months
Very carefully crafted
Low Volume

4
APT and Intrusion Detection Systems

IDS very good at alerting known exploits and
vulnerabilities
IDS also good at identifying Denial of Service
(DoS) and Distributed DoS (DDoS) attacks
APT can be low volume and may not actually
exploit any known vulnerability
Targeted email that coerces victim to download
and run some software

5
Pattern Based Intrusion Detection

Always one step behind
Must know of a vulnerability in order to build
pattern
Can have very high false positive rate in large
organizations
Must know what normal behavior is
Very high maintenance

6
Pattern Based Intrusion Detection

On small networks can have hundreds of alerts in
short period of time
If the relationship between number of hosts and
number of alerts/false positives is linear

7
Proposal

Push IDS as close to the host as possible
Use learning algorithms to determine normal
activity
Trigger on anomalous activity
Score sessions based on triggers and then perform
more strenuous tests
Pattern matching, traffic analysis, etc.

8
Proposal

Leverage VM technology to place inline IDS/IPS
with host system
Funnel data to central collection/correlation
infrastructure
Alert on anomalous activity based on learned
normal behaviour

9
Conclusion

APT is just like any other threat, but may be
lower volume and more targeted
Pattern based IDS not well suited for APT
detection in an Enterprise
Push IDS towards the host, perhaps even on the
physical hardware
Learn normal behavior and trigger further tests
when abnormal behavior occurs

10
Questions?

Write a Comment

User Comments (0)

About PowerShow.com

Recommended Relevance Latest Highest Rated Most Viewed

Sort by:

Related More from user

CrystalGraphics Presentations

World's Best PowerPoint Templates PowerPoint PPT Presentation

World's Best PowerPoint Templates - CrystalGraphics offers more PowerPoint templates than anyone else in the world, with over 4 million to choose from. Winner of the Standing Ovation Award for “Best PowerPoint Templates” from Presentations Magazine. They'll give your presentations a professional, memorable appearance - the kind of sophisticated look that today's audiences expect. Boasting an impressive range of designs, they will support your presentations with inspiring background photos or videos that support your themes, set the right mood, enhance your credibility and inspire your audiences.

CrystalGraphics 3D Character Slides for PowerPoint PowerPoint PPT Presentation

CrystalGraphics 3D Character Slides for PowerPoint - CrystalGraphics 3D Character Slides for PowerPoint

Chart and Diagram Slides for PowerPoint PowerPoint PPT Presentation

Chart and Diagram Slides for PowerPoint - Beautifully designed chart and diagram s for PowerPoint with visually stunning graphics and animation effects. Our new CrystalGraphics Chart and Diagram Slides for PowerPoint is a collection of over 1000 impressively designed data-driven chart and editable diagram s guaranteed to impress any audience. They are all artistically enhanced with visually stunning color, shadow and lighting effects. Many of them are also animated. And they’re ready for you to use in your PowerPoint presentations the moment you need them. – PowerPoint PPT presentation

Related Presentations

The Vital Role of Managed Security Services Providers PowerPoint PPT Presentation

The Vital Role of Managed Security Services Providers - Don't leave your cybersecurity to chance. Embrace the expertise of a Managed Security Services Provider in Melbourne and fortify your defenses against persistent digital threats. | PowerPoint PPT presentation | free to view

Identifying and Mitigating Common Physical Security Threats and Risks PowerPoint PPT Presentation

Identifying and Mitigating Common Physical Security Threats and Risks - Physical security safeguards assets, properties, and individuals from a range of threats, including intruders, natural disasters, and more. Consultants assess specific risks and tailor security strategies, utilizing tools like surveillance and access control systems. They establish protocols, train employees, and ensure emergency readiness. By conducting audits and staying adaptable, organizations can proactively protect their resources with expert guidance. In the MEA region, DSP Consultants excel in advanced security solutions. | PowerPoint PPT presentation | free to view

Healthcare Cyber Security Market Scope, Industry Trends And Overview 2033 PowerPoint PPT Presentation

Healthcare Cyber Security Market Scope, Industry Trends And Overview 2033 - Global healthcare cyber security market size is expected to reach $47.8 Bn by 2028 at a rate of 20.1%, segmented as by threat type, malware, distributed denial of service (ddos), advanced persistent threats (apt), spyware, other treat types | PowerPoint PPT presentation | free to view

Advanced SIEM Solutions Services PowerPoint PPT Presentation

Advanced SIEM Solutions Services - At Seceon, we prioritize the confidentiality, integrity, and availability of your data. Our Online Advanced SIEM Solutions Services are designed to address the evolving cybersecurity landscape, empower your organization with actionable insights, and fortify your defenses against emerging threats. Call Us: +1 (978)-923-0040 | PowerPoint PPT presentation | free to view

Advanced Persistent Threat Protection Market - Forecast 2021 - 2026 PowerPoint PPT Presentation

Advanced Persistent Threat Protection Market - Forecast 2021 - 2026 - The market for Advanced Persistent Threat Protection is forecast to reach $14.6 billion by 2025, growing at a CAGR of 16.1% from 2020 to 2025. | PowerPoint PPT presentation | free to view

Comparing MDR to Traditional Cybersecurity Approaches PowerPoint PPT Presentation

Comparing MDR to Traditional Cybersecurity Approaches - Comparing MDR to Traditional Cybersecurity Approaches MDR vs. Traditional Cybersecurity: What’s the Difference? Traditional cyber security methods are becoming outdated. Enter Managed Detection and Response (MDR): 24/7 Monitoring for real-time threat detection. Expert Analysis for efficient threat handling. Active Response to mitigate risks swiftly. Why Switch? MDR offers a proactive, dynamic approach to security, keeping your business ahead of cyber threats. | PowerPoint PPT presentation | free to view

Fernando Aguirre, DHS Ventures' 5 Pioneering Approaches to Addressing Persistent Risks in the World of Investments PowerPoint PPT Presentation

Fernando Aguirre, DHS Ventures' 5 Pioneering Approaches to Addressing Persistent Risks in the World of Investments - The world of investments demands a forward-thinking approach to persistent risks, and Fernando Aguirre, along with DHS Ventures, leads the way with these five pioneering approaches. By combining strategic risk identification, adaptive portfolio diversification, technology-driven solutions, collaborative risk governance, and a commitment to continuous learning, Fernando Aguirre's insights guide investors toward a future where risks are not obstacles but stepping stones to success. | PowerPoint PPT presentation | free to view

PowerPoint PPT Presentation

- Security Analysts adopt a proactive approach known as Threat Hunting to uncover unfamiliar cyber threats within networks. This method employs iterative techniques to identify indicators of compromise, such as Advanced Persistent Threats (APTs) and Hacker tactics. Utilizing data analysis, Threat Hunters seek confidential clues beyond conventional detection methods to effectively prevent recurring cyberattacks. Gain valuable insights into threat hunting through Infosec Train's expert tips. | PowerPoint PPT presentation | free to view

Cybersecurity Course in Chandigarh PowerPoint PPT Presentation

Cybersecurity Course in Chandigarh - A threat refers to any potential danger or risk that could exploit vulnerabilities in digital systems, networks, or data. These threats come in various forms, including malicious software (malware), phishing attacks, data breaches, denial-of-service (DoS) attacks, and insider threats | PowerPoint PPT presentation | free to view

Information Security Analyst Training (1) PowerPoint PPT Presentation

Information Security Analyst Training (1) - InfosecTrain’s CompTIA CySA+ Certification Training is a Cyber Security Analyst certification that teaches how to discover cybersecurity vulnerabilities in the environment. This course provides information about advanced persistent threats, as well as setting and using threat-detection technologies. | PowerPoint PPT presentation | free to view

Information Security Analyst Online Training PowerPoint PPT Presentation

Information Security Analyst Online Training - InfosecTrain’s CompTIA CySA+ Certification Training is a Cyber Security Analyst certification that teaches how to discover cybersecurity vulnerabilities in the environment. This course provides information about advanced persistent threats, as well as setting and using threat-detection technologies. | PowerPoint PPT presentation | free to view

Cyber security course in Bhubaneswar PowerPoint PPT Presentation

Cyber security course in Bhubaneswar - Cybersecurity is a critical aspect of today's digital landscape, with cyber threats becoming increasingly sophisticated. In Bhubaneswar, Moxietek offers comprehensive cybersecurity courses designed to equip individuals with the skills needed to protect against cyber threats. | PowerPoint PPT presentation | free to view

Information Security Analyst Training PowerPoint PPT Presentation

Information Security Analyst Training - InfosecTrain’s CompTIA CySA+ Certification Training is a Cyber Security Analyst certification that teaches how to discover cybersecurity vulnerabilities in the environment. This course provides information about advanced persistent threats, as well as setting and using threat-detection technologies. | PowerPoint PPT presentation | free to view

Advanced Persistent Threat Protection Market Worth 8.7 Billion USD by 2020 PowerPoint PPT Presentation

Advanced Persistent Threat Protection Market Worth 8.7 Billion USD by 2020 - The market report defines and segments the global Advanced Persistent Threat Protection Market on the basis of solution, service, deployment, organization size, vertical, and region along with providing an in-depth analysis and market size estimations. | PowerPoint PPT presentation | free to view

https://www.jaspercolin.com/insights/blogs/eu-cyber-financial-onslaught-financial-assets-at-grave-risk-in-2023 PowerPoint PPT Presentation

https://www.jaspercolin.com/insights/blogs/eu-cyber-financial-onslaught-financial-assets-at-grave-risk-in-2023 - Explore Jasper Colin's latest study on leveraging AI-powered due diligence, data-driven insights, and advanced technology to strengthen the EU's cybersecurity framework. | PowerPoint PPT presentation | free to view

Advanced Persistent Threat Protection Market by Solution PowerPoint PPT Presentation

Advanced Persistent Threat Protection Market by Solution - Advanced persistent threat protection market categorizes the global market by solution as sandboxing, endpoint protection, forensic analysis, SIEM, IDS/IPS, next generation firewall, by service, by deployment, by vertical and by geography | PowerPoint PPT presentation | free to view

Unlock Your Future in Cybersecurity with the ULTIMATE SOC CAREER PowerPoint PPT Presentation

Unlock Your Future in Cybersecurity with the ULTIMATE SOC CAREER - At the heart of organizational security teams, SOC Specialists play a pivotal role in identifying and responding to emerging cyber threats and suspicious activities. InfosecTrain offers a specialized SOC Specialist training course tailored for individuals keen on mastering cybersecurity threat detection, assessment, and response techniques. This course, which is part of a two-part series alongside Part 1 - SOC Analyst, equips participants with the latest technical skills needed for advanced SOC operations. By completing this training, participants will enhance their ability to safeguard their organization's digital assets effectively. | PowerPoint PPT presentation | free to view

CompTIA Security+ SY0-601 Domain 1: Attacks, Threats, and Vulnerabilities PowerPoint PPT Presentation

CompTIA Security+ SY0-601 Domain 1: Attacks, Threats, and Vulnerabilities - CompTIA Security+ is a worldwide certification that verifies the fundamental skills required to execute basic security activities and build a career in information security. CompTIA Security+ SY0-601 is the latest version of the Security+ certification. | PowerPoint PPT presentation | free to view

What is Threat Management? PowerPoint PPT Presentation

What is Threat Management? - Threat management is a process that is used by cybersecurity analysts, incident responders and threat hunters to prevent cyberattacks, detect cyberthreats and respond to security incidents. Call us: +1 (978)-923-0040 | PowerPoint PPT presentation | free to view

APT Market Present Scenario and Growth Prospects from 2017 to 2024 PowerPoint PPT Presentation

APT Market Present Scenario and Growth Prospects from 2017 to 2024 - Request for TOC report @ http://bit.ly/2usIBq7 Advanced cyber-attacks are expected in the coming years which will multiply the exploitation and malwares being capable of penetrating in the organization may hamper the data security. Increasing number of attacks, false flags, rising number of attackers, and more damage will lead to increase in advanced persistent threats industry during the forecast period. | PowerPoint PPT presentation | free to view

Top Fraud Trends for 2024 & How to Prevent Them PowerPoint PPT Presentation

Top Fraud Trends for 2024 & How to Prevent Them - Stay ahead of cyber threats in 2024! Learn about top fraud trends and prevention strategies. Arm your business with insights from Cyber News Live. Learn more. | PowerPoint PPT presentation | free to view

Cyber Risk Management - Challenges and Remedies PowerPoint PPT Presentation

Cyber Risk Management - Challenges and Remedies - Cyber threats are increasing day by day. Adopting a risk-based cyber security strategy where you continually examine your risks is the most effective way to safeguard your organisation against cyber threats. | PowerPoint PPT presentation | free to view

CompTIA CySA+ domains and their Weightage PowerPoint PPT Presentation

CompTIA CySA+ domains and their Weightage - CompTIA CySA+ is an acronym for Computing Technology Industry Association (CompTIA) CyberSecurity Analysts (CySA). It is an intermediate-level certification that is awarded by CompTIA to professionals who apply behavioral analytics to detect, prevent, and combat cybersecurity threats by continuous monitoring. | PowerPoint PPT presentation | free to view

Advanced network security solutions in Bhubaneswar PowerPoint PPT Presentation

Advanced network security solutions in Bhubaneswar - With the recent horror of Ransomeware, online security is the major concern for the firms and their data. Visit www.desklinksolutions.com for advanced network security solutions in Bhubaneswar. | PowerPoint PPT presentation | free to view

cyber security course hyderabad PowerPoint PPT Presentation

cyber security course hyderabad - This cybersecurity course lends focus to cybersecurity fundamentals, cybersecurity concepts, security architecture principles, security of networks, systems, applications and data, incident response and adoption of evolving technologies in cybersecurity. Study about common attack types and vectors, types of information security policies, firewalls, intrusion detection system, encryption techniques, cryptography, process controls, disaster recovery, advanced persistent threats and much more in the best cybersecurity course in 360DigiTMG. 360digitmg cyber security training hyderabad | PowerPoint PPT presentation | free to view

Section 1 Internet Overview PowerPoint PPT Presentation

Section 1 Internet Overview - INTERNET SECURITY - Advanced | PowerPoint PPT presentation | free to view

Exploring the $70.83 Billion Vaccine Market, Trends & Future Forecast PowerPoint PPT Presentation

Exploring the $70.83 Billion Vaccine Market, Trends & Future Forecast - The vaccine industry is driven by the ongoing need to immunize populations against infectious diseases and the continuous research and development efforts to create new vaccines for emerging threats. The global vaccine market size is expected to reach a staggering $70.83 billion by 2028, boasting a healthy CAGR (Compound Annual Growth Rate) of 5.36% between 2024 and 2028. | PowerPoint PPT presentation | free to view