Presentation is loading. Please wait.

Presentation is loading. Please wait.

DETECTING INTRUSIONS By Matthew Morrow. WHAT ARE INTRUSIONS? Definition: “To compromise a computer system by breaking the security of such a system or.

Published byJulian Short Modified over 7 years ago

Similar presentations

Presentation on theme: "DETECTING INTRUSIONS By Matthew Morrow. WHAT ARE INTRUSIONS? Definition: “To compromise a computer system by breaking the security of such a system or."— Presentation transcript:

1 DETECTING INTRUSIONS By Matthew Morrow

2 WHAT ARE INTRUSIONS? Definition: “To compromise a computer system by breaking the security of such a system or causing it to enter into an insecure state.” - http://www.yourdictionary.com/intrusion http://www.yourdictionary.com/intrusion Types: Eavesdropping: “Listen in” or interpret the traffic on a network Identity Spoofing: Can create fake IP addresses to gain access to network Denial-Of-Service: Prevents normal use of network Flood network with traffic until shutdown occurs

3 SOME TERMS Detection Rate: Number of intrusions detected by the system False Alarm Rate: Number of false positives False Positive: No Attack-Alert True Positive: Attack-Alert False Negative: Attack-No Alert True Negative: No Attack-No Alert

4 INTRUSION DETECTION SYSTEM Also known as IDS The system on the network to detect intrusions Two types of IDS HIDS Deals with individual host computers NIDS Deals with the entire network Placed at strategic points within the network Monitors traffic Usually attached to firewalls Could bottleneck the network

5 MORE ON NIDS Looks for attack signatures to identify threats Usually a filter is applied to determine what should be discarded or passed on to an attack recognition module Strengths Ownership costs reduced Real time detection and response Independent operating system Evidence removal

6 SOME IDS PRODUCTS AnaDisk BlackICE Defender Cisco Secure IDS CyberCop Dragon Sensor Forensic Toolkit Klaxon LSOF Sentry Etc.

7 ANADISK Not free Non-Commercial single-user registration fee of $25 Commercial and multi-system site fee is $150 Examines, edits, and analyzing diskettes Two programs Adinstal: Determines diskette configuration of the computer being used Anadisk.exe: Modifies with the diskette configuration info Manual: http://www.8bit-micro.com/anadisk-man.htm

8 DRAGON SENSOR Watches live network packets for signs of computer crimes Once finding an attack, it sends the pages, email, and takes action to stop event and record for future forensic analysis Award winning UNIX based Intrusion Detection System from Enterasys http://www.intrusion-detection-system-group.co.uk/dragon.htm

9 SNORT Free and open source It is a prevention system and detection system for networks Developed by Sourcefire Real time traffic analysis and packet logging on Ips Demo: https://www.youtube.com/watch?v=6rCbgmuWldQ

10 REFERENCES Bradley, CISSP, MCSE2k, MCSA, A, Tony. "Introduction to Intrusion Detection Systems (IDS)." 15 Jan. 2014. Web. 23 Apr. 2015.. "Intrusion Detection FAQ: What Is Intrusion Detection?" SANS:. Web. 23 Apr. 2015.. "Intrusion Detection System." Wikipedia. Wikimedia Foundation, 1 Feb. 2014. Web. 14 Apr. 2015.. Mafra, P.m., J.s. Fraga, and A.o. Santin. "Algorithms for a Distributed IDS in MANETs." Journal of Computer and System Sciences (2014). Print. Scarfone, Karen, and Peter Mell. "Guide to Intrusion Detection and Prevention Systems (IDPS)." NIST (2007). Print.

Download ppt "DETECTING INTRUSIONS By Matthew Morrow. WHAT ARE INTRUSIONS? Definition: “To compromise a computer system by breaking the security of such a system or."

Similar presentations

Intrusion Detection Systems (I) CS 6262 Fall 02. Definitions Intrusion Intrusion A set of actions aimed to compromise the security goals, namely A set.

Intrusion Detection Systems (I) CS 6262 Fall 02. Definitions Intrusion Intrusion A set of actions aimed to compromise the security goals, namely A set.
Intrusion Detection System(IDS) Overview Manglers Gopal Paliwal Gopal Paliwal Roshni Zawar Roshni Zawar SenthilRaja Velu SenthilRaja Velu Sreevathsa Sathyanarayana.

Intrusion Detection System(IDS) Overview Manglers Gopal Paliwal Gopal Paliwal Roshni Zawar Roshni Zawar SenthilRaja Velu SenthilRaja Velu Sreevathsa Sathyanarayana.
Guide to Network Defense and Countermeasures Third Edition

Guide to Network Defense and Countermeasures Third Edition
1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.
IDPS (Intrusion Detection & Prevention System )

IDPS (Intrusion Detection & Prevention System )
Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:

Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:
Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
1.  To analyze and explain the IDS placement in network topology  To explain the relationship between honey pots and IDS  To explain, analyze and evaluate.

1.  To analyze and explain the IDS placement in network topology  To explain the relationship between honey pots and IDS  To explain, analyze and evaluate.
NETWORK SECURITY INTRUSION DETECTION SYSTEMS (IDS) KANDIAH.M Clarkson University, Potsdam, New York.

NETWORK SECURITY INTRUSION DETECTION SYSTEMS (IDS) KANDIAH.M Clarkson University, Potsdam, New York.
Intrusion Detection Systems and Practices

Intrusion Detection Systems and Practices
5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.

5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.
Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.

Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.
Intrusion Detection Systems. Definitions Intrusion –A set of actions aimed to compromise the security goals, namely Integrity, confidentiality, or availability,

Intrusion Detection Systems. Definitions Intrusion –A set of actions aimed to compromise the security goals, namely Integrity, confidentiality, or availability,
John Felber.  Sources  What is an Intrusion Detection System  Types of Intrusion Detection Systems  How an IDS Works  Detection Methods  Issues.

John Felber.  Sources  What is an Intrusion Detection System  Types of Intrusion Detection Systems  How an IDS Works  Detection Methods  Issues.
Cs490ns - cotter1 Intrusion Detection. cs490ns - cotter2 Outline What is it? What types are there? –Network based –Host based –Stack based Benefits of.

Cs490ns - cotter1 Intrusion Detection. cs490ns - cotter2 Outline What is it? What types are there? –Network based –Host based –Stack based Benefits of.
By Edith Butler Fall 2008. Our Security Ways we protect our valuables: Locks Security Alarm Video Surveillance, etc.

By Edith Butler Fall Our Security Ways we protect our valuables: Locks Security Alarm Video Surveillance, etc.
Intrusion Detection - Arun Hodigere. Intrusion and Intrusion Detection Intrusion : Attempting to break into or misuse your system. Intruders may be from.

Intrusion Detection - Arun Hodigere. Intrusion and Intrusion Detection Intrusion : Attempting to break into or misuse your system. Intruders may be from.
Lecture 11 Intrusion Detection (cont)

Lecture 11 Intrusion Detection (cont)
Department Of Computer Engineering

Department Of Computer Engineering

Similar presentations

Ads by Google