Computer and Internet Ethics. Prof. I. J. Chung, Dept. of Computer & Information Science, Korea Univ.

Presentation transcript:


Breaches and hacking on computer systems
- Prepare for the worst case
- Investigate and recognize illegal access, and thus prevent harmful breaches and hacking
- Develop well in advance of any incident
- Ethical decisions with respect to computer security include deciding which information systems and data most need protection
- Keep the expected damage as small as possible
- Restore data and computer systems to their normal state

Breaches and hacking on computer systems
- Provide a formal incident report for future use
- Keep track of and record all relevant data and information about security incidents, such as:
  - System events and logins
  - Specific and particular actions taken
  - Outside communications
- Do these activities for future prosecution and to help with incident eradication and follow-up

Eradication effort
- Record all possible evidence of illegal or criminal activity from the system
- Create a disk image and back up all compromised systems for future use and as evidence
- Restore the system from backup after the malfunction is eradicated
- Prevent the malfunction or hacking from occurring again

Intrusion Detection
- Intrusion detection algorithms with AI technologies
  - BBID (Behavior-Based Intrusion Detection)
  - KBID (Knowledge-Based Intrusion Detection)
- BBID (Behavior-Based Intrusion Detection)
  - Watch the activity so far and recognize something abnormal if there is some deviation
  - Establish a model of the normal behavior of a system and its users from reference sources
  - e.g. access traffic at odd hours, or users who have not used the system before
- KBID (Knowledge-Based Intrusion Detection)
  - Apply useful information such as specific attacks and system weak points
  - Watch for any attempts to exploit these system weak points
  - e.g. repeated failed logins, downloading a file or program to the computer system
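The two detection styles on this slide, as an added example that is not part of the original slides: a behavior-based check learns each user's normal login hours from history and flags unknown users or odd hours, while a knowledge-based check matches the known pattern of repeated failed logins. The event tuples, user names, the one-hour slack and the threshold of three failures are all constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample events (not from the slides): (timestamp, user, result).
BASELINE = [  # history used to model normal behavior (BBID)
    ("2024-03-04 09:12", "alice", "ok"), ("2024-03-04 13:40", "alice", "ok"),
    ("2024-03-05 10:05", "bob", "ok"), ("2024-03-05 17:30", "bob", "ok"),
    ("2024-03-06 08:55", "alice", "ok"), ("2024-03-06 16:20", "bob", "ok"),
]
CURRENT = [
    ("2024-03-07 09:30", "alice", "ok"),
    ("2024-03-07 03:14", "bob", "ok"),        # odd hour for bob
    ("2024-03-07 11:00", "mallory", "ok"),    # user never seen before
    ("2024-03-07 11:01", "alice", "fail"), ("2024-03-07 11:02", "alice", "fail"),
    ("2024-03-07 11:03", "alice", "fail"),    # repeated failed logins
]

def hour(ts):
    return datetime.strptime(ts, "%Y-%m-%d %H:%M").hour

def build_profile(events, slack=1):
    """BBID: learn each user's normal login-hour window from history."""
    hours = defaultdict(list)
    for ts, user, result in events:
        if result == "ok":
            hours[user].append(hour(ts))
    return {u: (min(h) - slack, max(h) + slack) for u, h in hours.items()}

def bbid_alerts(events, profile):
    """Flag deviations from the learned model: unknown user or odd hour."""
    alerts = []
    for ts, user, _ in events:
        if user not in profile:
            alerts.append((ts, user, "unknown user"))
        elif not profile[user][0] <= hour(ts) <= profile[user][1]:
            alerts.append((ts, user, "odd hour"))
    return alerts

def kbid_alerts(events, max_failures=3):
    """KBID: match a known attack pattern, here repeated failed logins."""
    fails = Counter(user for _, user, result in events if result == "fail")
    return [(u, "repeated failed login") for u, n in fails.items() if n >= max_failures]

if __name__ == "__main__":
    profile = build_profile(BASELINE)
    for alert in bbid_alerts(CURRENT, profile) + kbid_alerts(CURRENT):
        print(alert)
```

Alice's failed logins fall inside her normal hours, so only the knowledge-based rule catches them; the behavior-based model alone would miss that pattern.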

Intrusion Prevention
- Stronger than intrusion detection
- Prevent illegal attacks by blocking viruses or other threats
- Common intrusion prevention: firewall and/or network IPS (Intrusion Prevention System)
- Firewall and IPS are complementary in that:
  - A firewall blocks everything but authorized, valid accesses
  - An IPS allows everything but explicitly denied, invalid accesses
- Firewall >> IPS
- Note: Can you distinguish firewall and IPS?
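The complementary defaults described on this slide, as an added example that is not part of the original slides: the same traffic is judged by a default-deny allow list (firewall), a default-allow deny list (IPS), and both in sequence. The ports, payloads, the KNOWN-BAD-PATTERN marker and the placement of the firewall in front of the IPS are constructed assumptions.

```python
# Constructed policy and traffic (illustrative, not from the slides).
FIREWALL_ALLOW = {("tcp", 443), ("tcp", 25)}   # allow list; all else is blocked
IPS_DENY = [b"KNOWN-BAD-PATTERN"]              # deny list; all else is allowed

PACKETS = [
    {"proto": "tcp", "port": 443, "payload": b"GET /index.html"},
    {"proto": "tcp", "port": 23, "payload": b"login: admin"},
    {"proto": "tcp", "port": 443, "payload": b"POST /form KNOWN-BAD-PATTERN"},
    {"proto": "udp", "port": 9999, "payload": b"KNOWN-BAD-PATTERN"},
]

def firewall_passes(pkt):
    """Default deny: pass only traffic that is explicitly authorized."""
    return (pkt["proto"], pkt["port"]) in FIREWALL_ALLOW

def ips_passes(pkt):
    """Default allow: drop only traffic that matches an explicit deny entry."""
    return not any(sig in pkt["payload"] for sig in IPS_DENY)

def layered_verdict(pkt):
    """Assumed deployment: the firewall filters first, then the IPS inspects."""
    if not firewall_passes(pkt):
        return "blocked by firewall"
    if not ips_passes(pkt):
        return "blocked by IPS"
    return "allowed"

def compare(packets):
    """Per packet: (passes firewall alone, passes IPS alone, layered verdict)."""
    return [(firewall_passes(p), ips_passes(p), layered_verdict(p)) for p in packets]

if __name__ == "__main__":
    for pkt, row in zip(PACKETS, compare(PACKETS)):
        print(pkt["proto"], pkt["port"], row)
```

The second packet passes the IPS alone because nothing on the deny list matches it, and the third passes the firewall alone because its port is authorized; each control stops what the other lets through.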

Intrusion Detection
- Honeypot
  - Installs a fake decoy server to identify and investigate the hackers
  - Gives fake network information to the hackers