Network Intrusion Detection - PowerPoint PPT Presentation

1 / 9
About This Presentation
Title:

Network Intrusion Detection

Description:

Network Intrusion Detection. 9th Sino-American Conference on Education ... SANS (System Administration, Networking, and Security) Institute: http://www.sans.org ... – PowerPoint PPT presentation

Number of Views:23
Avg rating:3.0/5.0
Slides: 10
Provided by: scottd62
Category:

less

Transcript and Presenter's Notes

Title: Network Intrusion Detection


1
Network Intrusion Detection
  • 9th Sino-American Conference on Education
  • June 18-25, 2001
  • Shanxi University
  • Taiyuan, Shanxi, PRC

2
Network Intrusion Detection
  • Information Gathering
  • Information Analysis
  • Response
  • Applications Devices
  • Other Resources

3
Information Gathering
  • Normal Profiles
  • Abnormal Signatures
  • Inbound Traffic Analysis
  • Audit Trail
  • On-the-Fly
  • Daily operational analysis (intuitive)

4
Information Analysis
  • What is an intrusion?
  • Traffic Analysis Indicators
  • Analysis Techniques

5
Traffic Analysis Indicators
  • Repetition
  • Vulnerability Exploits
  • Mysterious Behavior / Problems
  • Unexpected/Inconsistent Activity

6
Analysis Techniques
  • Pattern-matching Signatures
  • Dynamic Association
  • Statistical Profiling
  • Audit Reduction

7
Response
  • False Positives
  • Traceback Anonymity
  • Offensive Action Traps

8
Applications Devices
  • CISCO Secure IDS (formerly NetRanger)
  • http//www.cisco.com/warp/public/cc/pd/sqsw/sqidsz
    /
  • CheckPoint RealSecure
  • http//www.checkpoint.com/products/firewall-1/real
    secure.html
  • Network Flight Recorder Network Intrusion
    Detection (NFR NID)
  • http//www.nfr.com/products/NID/

9
Bibliography Resources
  • Amoroso, Edward. Intrusion Detection An
    Introduction to Internet Surveillance,
    Correlation, Trace Back, Traps, and Response.
    Intrusion.Net Books, 1999.
  • Garfinkel, Simson and Gene Spafford. Practical
    UNIX and Internet Security, 2nd Ed. OReilly
    Associates, 1996.
  • Northcutt, Stephen. Network Intrusion Detection
    An Analysts Handbook. New Riders Publishing,
    1999.
  • Computer Security Institute http//www.gocsi.com
    /
  • SANS (System Administration, Networking, and
    Security) Institute http//www.sans.org/
Write a Comment
User Comments (0)
About PowerShow.com