1 / 12

Intruders

Intruders. Contents. Intrusion and intruder Intrusion techniques Intrusion prevention and detection. Intrusion. Entrance by force or without permission or welcome . Any set of actions that attempt to compromise the integrity, confidentiality or availability of a resource.

alyssao
Download Presentation

Intruders

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Intruders

  2. Contents • Intrusion and intruder • Intrusion techniques • Intrusion prevention and detection

  3. Intrusion • Entrance by force or without permission or welcome. • Any set of actions that attempt to compromise the integrity, confidentiality or availability of a resource. • The intentional insertion of electromagnetic energy into transmission paths in any manner with the objective of deceiving operators or of causing confusion.

  4. Intruder Someone who intrudes on the privacy or property of another without permission.

  5. Intrusion Techniques • The objective of the intruder is to gain access to a system or to increase the range of privileges accessible on a system. • system must maintain a file that associates a password with each authorized user.

  6. Intrusion Techniques • The password file can be protected in one of two ways: • One-way function: The system stores only the value of a function based on the user's password. When the user presents a password, the system transforms that password and compares it with the stored value. • Access control: Access to the password file is limited to one or a very few accounts.

  7. Intrusion Techniques • Number of password crackers, reports the following techniques for learning passwords: • Try default passwords used. • Try all short passwords (those of one to three characters). • Try words in the system's online dictionary or a list of likely passwords.

  8. Intrusion Techniques • Collect information about users, such as their full names. • Try users' phone numbers, social security numbers, and room numbers. • Use a Trojan horse.

  9. Intrusion prevention and detection

  10. Intrusion prevention and detection • The best intrusion prevention system will fail. A system's second line of defense is intrusion detection, and this has been the focus of much research in recent years. • Intruder Detection is Novell's way of tracking invalid password attempts.

  11. Intrusion detection approaches • Statistical anomaly detection: Involves the collection of data relating to the behavior of legitimate users over a period of time. Then statistical tests are applied to observed behavior to determine with a high level of confidence whether that behavior is not legitimate user behavior.

  12. Intrusion detection approaches • Rule-based detection: Involves an attempt to define a set of rules that can be used to decide that a given behavior is that of an intruder.

More Related