1 / 11

Chapter 14 Intrusion Detection

Chapter 14 Intrusion Detection. Hacker Capabilities. Types of Attackers. TCP SYN Flood DoS Attack. Trinoo Network Attack. Tribal Flood Network (TFN) Attack. Buffer Overflow Attack. Detecting Intrusions. Statistical anomaly-based IDS Uses thresholds for various types of activities

lana-ramsey
Download Presentation

Chapter 14 Intrusion Detection

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 14 Intrusion Detection

  2. Hacker Capabilities

  3. Types of Attackers

  4. TCP SYN Flood DoS Attack

  5. Trinoo Network Attack

  6. Tribal Flood Network (TFN) Attack

  7. Buffer Overflow Attack

  8. Detecting Intrusions • Statistical anomaly-based IDS • Uses thresholds for various types of activities • Pattern matching or signature-based IDS • Uses a set of rules to detect an attack • Content-based and context-based signatures • Cisco host-based and network-based IDS detect attacks based on signatures and anomalies

  9. Types of Signatures

  10. Case Study: Kevin Metnick’s Attack on Tsutomu Simomura’s Computers

More Related