Intrusion Detection System(???????) - PowerPoint PPT Presentation

About This Presentation
Title:

Intrusion Detection System(???????)

Description:

Intrusion Detection System( ) Wireless/Mobile Network Lab 1. IDS ? 1.1 IDS 2. IDS ? 2.1 ... – PowerPoint PPT presentation

Slides: 18
Provided by: EBO91
Learn more at: http://wm.hanyang.ac.kr
Transcript and Presenter's Notes


1
Intrusion Detection System(???????)
  • Wireless/Mobile Network Lab
  • ???

2
  • 1. IDS? ?
  • 1.1 IDS ??
  • 2. ? IDS? ?????
  • 2.1 ???? ???? ??
  • 2.2 ???? ???? ??? ????
  • 3. IDS? ??
  • 4. SNORT? ??
  • 4.1 Snort ??? ??? ??
  • 4.2 Snort? ??
  • 4.3 Snort? ???
  • 4.4 ?? ??(Detection Engine)
  • 4.5 Snort? ??
  • 4.6 ??
  • 4.7 ?? ??

3
1. IDS? ?
  • IDS? ??? ?? ?? ??? ??? ??? ?? ??????? Expert
    System? ??? ????? ???? ??? ??? ?????? ??? ???? ??
    ?????.
  • IDS? ???? ?? ?????? ??, ??? ?-?, ??, ?? ? ??? ???
    ?? ???? ??? ????? ?? ?? ???? ??? ??? ?? ?? ? ??
    ???? ????? ??? ???? ??? ???? ??? ???? ??? ???
    ???? ?? ?????.

4
1.1 IDS ??
  • IDS? ????? ??? ?? ???? ?? IDS? ??? ?? IDS? ?? ?
    ??.
  • ??? ?? IDS? ??? ??? ???? ??? ??? ?? ????? ???
    ???? ?? ??? ????? ?????.
  • ???? ?? IDS? ????? ?? ???? ???? ????? ????? ???
    ???? ??? ?????.

5
2. ? IDS? ?????
  • ???? ???(IDS) ? ???? ???(Fire Wall ???)? ?? ???
    ?? ????? ???? ?? ??? ???? ???? ???? ??? ????? ??,
    ?? ?? ??? ????? ???? ??? ????? ??? ??? ??? ? ??
    ?? ???? ?? ??? ???? ?? ????.

6
2.1 ???? ???? ??
  • ??? ??? ???? ?? ?? ??- ????? ??- ???? ?? ????
    ?? ???? ? ? ??? ????? ???? ??
  • ????? ???? ?? ?? ??- ????? ?? ??(Anomaly
    Detection)- ???? ??(Misuse Detection)

7
2.2 ???? ???? ??? ????
  • ?????? ???? ?? ??? ???? ?? ???  ?? ?? ? ?????
    ??? ??? ????.(?????? ???? ?? ??, ?? ??? ???)
  • ???? ? ???? ????? ??? ???? ???? ???? ??
  • ?? ? ?????? ????? ???? ??? ???????? ??
  • ?? ? ???? ???? ?????? ????? ???? ???? ??? ??? ??

8
3. IDS? ??  
  • ????? ???? ??? ??? ????? ???? ??? ???.
  • ?????? ???? ??? ???? ?? ??? ??? ? ??. ?? ?? ??
    ???? ???? ??? ID ??? ?? ?????? ??? ????.
  • ???? IP? ???? ??? ????.??? ???? ??? IP?? ??? ??
    ???? ???? ??? IP? ?????? ????  ????? ???? IDS?
    IP? ???? ?? ??? ?? ??? ????? ?? ????.
  • ??? ??? ?? ????.????? ????? ? ??? ?? ??? ????,
    ?????, ???? ??? ?? ??,  ???? ??? ????? ??? ???
    ??? ? ??.

9
4. SNORT? ??
  • SNORT? IP network ??? ??? traffic ??? packet
    logging? ???? ???? ?? ??? ???? ?? ?? ?????.
  • snort? ???? ??? packet? ?? ??, ????? ????, ??
    ?????? ??? ????,CGI ??,SMB ??,OS fingerprinting
    ?? ? ??? ??? ??? ????? ??? ? ??.
  • traffic? ???? ?? ??? modular plug-in ??? ?? ??
    ??? ?? ?? ??? rule language? ????.

10
4.1 Snort ??? ??? ??
  • snort? tcpdump? ?? packet sniffer? ?? ??? ? ??.
  • ???? traffic debugging? ??? packet logger ??? ??.

11
4.2 Snort? ??
  • ?? ??? ?? (110k??)
  • ?? ???? ???? ??.(Linux, Solaris, BSD, IRIX, HP-UX, Windows)
  • ??? ?? ??? ?? ?? ??? ???.
  • snort? ?? ?? IDS ??? ?? ?? ??.
  • GPL/Open Source ???????.

12
4.3 Snort? ???
  • ?? ???(packet sniffing)? ??? IDS ???
  • ?? ??? ??? libpcap? ???????.
  • ? ??(rule based)?? ?? ??(Detection Engine)? ???
    ??.
  • ?? ??,tcpdump ?? ??, ??? ??, ???, ???? ???? ????
    ??? ??? ????? ??? ?? ??.

13
4.4 ?? ??(Detection Engine)
  • ?(rule)?? ????(signature)? ????.
  • ??? ??(stealth scan)?? OS ?? ??(fingerprinting),
    ??? ICMP ?? ???? ????? ?? ??? ??? ? ??.

14
4.5 Snort? ??
  • TCP ??? ???(reassembly)? ???? ????. ??? ?? ????
    ??? ?? ??? ?? ??. whisker ?? ??? ??? ???? ??? ?
    ?? ????? ?? ??.
  • IP ?? ??(fragmented packet)? ??? ???? ? ? ??. ??
    minfrag?? ? ??? ???? ?? ??? ?? ??? ??? ? ??.
  • ?? ??? ???.

15
4.6 ??(cont.)

16
(No Transcript)

17
4.7 ?? ??