An%20Overview%20of%20Intrusion%20Detection%20 - PowerPoint PPT Presentation

About This Presentation
Title:

An%20Overview%20of%20Intrusion%20Detection%20

Description:

... 600-hertz tone that got him into the internal authorization system at the phone company. ... who are using, or attempting to use a computer system without ... – PowerPoint PPT presentation

Number of Views:65
Avg rating:3.0/5.0
Slides: 33
Provided by: rek
Learn more at: http://web.cs.wpi.edu
Category:

less

Transcript and Presenter's Notes

Title: An%20Overview%20of%20Intrusion%20Detection%20


1
An Overview of Intrusion Detection
Countermeasure Systems Research DirectionsPart
I
  • Fernando C. Colon Osorio
  • Computer Science Department
  • Worcester, MA 01609

2
Outline
  • Motivations
  • A Model of an Intrusion
  • Basic Approaches
  • The Measurement Problem
  • Research Directions
  • Conclusions

3
Historical Perspective
  • Circa 1972
  • John T. Draper discovered that he could make a
    free long-distance telephone call using a whistle
    from Cap Crunch cereal box. The whistle emitted
    a 2,600-hertz tone that got him into the internal
    authorization system at the phone company.
  • With a noisy device known as blue box, Draper
    soon to be known as Capn Crunch made it
    possible free long distance calls for many.
  • And so was born the modern technology of hacking
    (cracking) , maneuvering through security
    walls, rig something to avoid conventional
    protocols,

4
Motivations
  • In the last five-(5) years, the frequency and
    nature of attacks by crackers (inside and
    outside threats) has grown exponentially, see
    Figure 1.

5
Exponential Growth of Intrusions
6
Motivations
  • In the last five-(5) years, the frequency and
    nature of attacks by crackers (inside and
    outside threats) has grown exponentially, see
    Figure 1.
  • It has been reported that in a major eCommerce
    site 40 to 60 of IT resources during a six
    month period were devoted to dwarfing attacks.
  • Avivah Litan, a financial analyst for research
    firm Gartner, estimates that fraud cost e-tailers
    700 million in lost merchandise last year alone.
    A Gartner study also shows that 5.2 percent of
    online shoppers have been victimized by credit
    card fraud and 1.9 percent by identity theft.
  • Further, in a twelve month period, see Table 1
    below, at least six major break-ins have
    occurred, and the perpetrators have not been
    caught.

7
Motivations, contn
8
Motivations, contn
  • Needless to say, this is a real BIG!!! Problem
    for the industry and government.

9
Why the exponential increase?
  • Obviously, low cost powerful workstations and
    PCs for under 2K
  • The exponential growth of the web - of
    connected computers via a network!!!
  • eCommerce companies during the dot com boom,
    circa 1997-2001, rushed to deploy their sites
    on-line giving little or no consideration to the
    problem of security.
  • In spite of the significant increase in the
    identification and elimination of software flaws,
    the corresponding increase in the complexity of
    software systems (e.g., WINDOWS XP today is 40
    MB) has actually made the problem worst.
    Furthermore, a recent study by CERT/CC, and
    SecurityFocus.com 9 has shown that the rate at
    which new vulnerabilities, easily exploitable by
    hacker is growing is exponentially.

10
Why?, contn
  • In a single Phrase
  • Software/Systems functionality increase vs.
    Size/Complexity crisis!!!

11
Intrusion Detection System Definition
  • Formal Definition 10, 11
  • Intrusion Detection (ID) is the problem of
    identifying individuals who are using, or
    attempting to use a computer system without
    authorization (i.e., crackers) and those who have
    legitimate access to the system but are abusing
    their privileges (i.e., the insider threat).

12
Intrusion Timeline
  • System is Secure/Dependable

System is Secure/Dependable
Å’
Write a Comment
User Comments (0)
About PowerShow.com