SlideShare a Scribd company logo

INTRUSION DETECTION TECHNIQUES

•Download as PPT, PDF•
•
Trinity Dwarka
Trinity Dwarka

Computer Application- INTRUSION DETECTION TECHNIQUES Statistical anomaly detection Threshold detection Rule-based detection Anomaly detection Penetration identification Time-Stamp Resource-Usage Exception-Condition

Education
1 of 14
TRINITY INSTITUTE OF PROFESSIONAL STUDIESSector – 9, Dwarka Institutional Area, New Delhi-75 Affiliated Institution of G.G.S.IP.U, Delhi Advance Computer networks(20311) Submitted By :Submitted By : Natasha ManiktahlaNatasha Maniktahla (Assistant Professor)(Assistant Professor)
TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES System’s second line of defense is Intrusion Detection. 1) If an intrusion is detected quickly enough, the intruder can be identified & ejected from the system before any damage is done or any data is compromised. 2) An effective intrusion detection system can serve as a deterrent, acting to prevent intrusion. 3)Intrusion detection can enable the collection of information about intrusion techniques that can be used to strengthen the intrusion prevention facility.
TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES
TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES Various approaches to intrusion detection: 1.Statistical anomaly detection: Involves the collection of data relating to the behavior of legitimate users over a period of time. Then statistical tests are applied to observed behavior to determine with a high level of confidence whether that behavior is not legitimate user behavior. i.Threshold detection: This approach involves defining thresholds, independent of user, for the frequency of occurrence of various events.
TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES 2.Rule-based detection: Involves an attempt to define a set of rules that can be used to decide that a given behavior is that of an intruder. i.Anomaly detection: Rules are developed to detect deviation from previous usage patterns. ii.Penetration identification: An expert system approach that searches for suspicious behavior.
TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES Audit Records: A fundamental tool for intrusion detection is the audit record. Some record of ongoing activity by users must be maintained as input to an intrusion detection system. Basically, two plans are used: Native audit records: Virtually all multiuser operating systems include accounting software that collects information on user activity. The advantage of using this information is that no additional collection software is needed. The disadvantage is that the native audit records may not contain the needed information or may not contain it in a convenient form.
TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES Detection-specific audit records: A collection facility can be implemented that generates audit records containing only that informationrequiredbytheintrusiondetectionsystem. One advantage of such an approach is that it could be made vendor independent and ported to a variety of systems. •Subject: Initiators of actions. A subject is typically a terminal user but might also be a process acting on behalf of users or groups of users. All activity arises through commands issued by subjects. Subjects may be grouped into different access classes, and these classes may overlap.
TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES •Action: Operation performed by the subject on or with an object; for example, login, read, perform I/O, execute. •Exception-Condition: Denotes which, if any, exception condition is raised in return. •Resource-Usage: A list of quantitative elements in which each element gives the amount used of some resource (e.g., number of lines printed or displayed, number of records read or written, processor time, I/O units used, session elapsed time). •Time-Stamp: Unique time-and-date stamp identifying when the action took place.
TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES Rule-Based Intrusion Detection: Rule-based techniques detect intrusion by observing events in the system and applying a set of rules that lead to a decision regarding whether a given pattern of activity is or is not suspicious. In very general terms, we can characterize all approaches as focusing on either anomaly detection or penetration identification, although there is some overlap in these approaches.
TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES Rule-based anomaly detection is similar in terms of its approach and strengths to statistical anomaly detection. With the rule-based approach, historical audit records are analyzed to identify usage patterns and to generate automatically rules that describe those patterns. Rules may represent past behavior patterns of users, programs, privileges, time slots, terminals, and so on
TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES • Rule-based penetration identification takes a very different approach to intrusion detection. The key feature of such systems is the use of rules for identifying known penetrations or penetrations that would exploit known weaknesses. Rules can also be defined that identify suspicious behavior, even when the behavior is within the bounds of established patterns of usage. Typically, the rules used in these systems are specific to the machine and operating system. The most fruitful approach to developing such rules is to analyze attack tools and scripts collected on the Internet. These rules can be supplemented with rules generated by knowledgeable security personnel.
TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES • As with statistical anomaly detection, rule- based anomaly detection does not require knowledge of security vulnerabilities within the system. Rather, the scheme is based on observing past behavior and, in effect, assuming that the future will be like the past. In order for this approach to be effective, a rather large database of rules will be needed.
TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES • Intrusion detection is based on the assumption that the behavior of the intruder differs from that of a legitimate user in ways that can be quantified. Of course, we cannot expect that there will be a crisp, exact distinction between an attack by an intruder and the normal use of mechanisms.
TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 Thank You...

Recommended

Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
Umesh Dhital
 
Intrusion Prevention System
Intrusion Prevention SystemIntrusion Prevention System
Intrusion Prevention System
Vishwanath Badiger
 
Seminar Presentation | Network Intrusion Detection using Supervised Machine L...
Seminar Presentation | Network Intrusion Detection using Supervised Machine L...Seminar Presentation | Network Intrusion Detection using Supervised Machine L...
Seminar Presentation | Network Intrusion Detection using Supervised Machine L...
Jowin John Chemban
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
Roshan Ranabhat
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system ppt
Sheetal Verma
 
intrusion detection system (IDS)
intrusion detection system (IDS)intrusion detection system (IDS)
intrusion detection system (IDS)
Aj Maurya
 
Using Machine Learning in Networks Intrusion Detection Systems
Using Machine Learning in Networks Intrusion Detection SystemsUsing Machine Learning in Networks Intrusion Detection Systems
Using Machine Learning in Networks Intrusion Detection Systems
Omar Shaya
 
Intrusion detection system
Intrusion detection system Intrusion detection system
Intrusion detection system
gaurav koriya
 

Recommended

Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
Umesh Dhital
 
Intrusion Prevention System
Intrusion Prevention SystemIntrusion Prevention System
Intrusion Prevention System
Vishwanath Badiger
 
Seminar Presentation | Network Intrusion Detection using Supervised Machine L...
Seminar Presentation | Network Intrusion Detection using Supervised Machine L...Seminar Presentation | Network Intrusion Detection using Supervised Machine L...
Seminar Presentation | Network Intrusion Detection using Supervised Machine L...
Jowin John Chemban
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
Roshan Ranabhat
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system ppt
Sheetal Verma
 
intrusion detection system (IDS)
intrusion detection system (IDS)intrusion detection system (IDS)
intrusion detection system (IDS)
Aj Maurya
 
Using Machine Learning in Networks Intrusion Detection Systems
Using Machine Learning in Networks Intrusion Detection SystemsUsing Machine Learning in Networks Intrusion Detection Systems
Using Machine Learning in Networks Intrusion Detection Systems
Omar Shaya
 
Intrusion detection system
Intrusion detection system Intrusion detection system
Intrusion detection system
gaurav koriya
 
Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)
Papun Papun
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
AAKASH S
 
Deep learning approach for network intrusion detection system
Deep learning approach for network intrusion detection systemDeep learning approach for network intrusion detection system
Deep learning approach for network intrusion detection system
Avinash Kumar
 
Intrusion detection and prevention system
Intrusion detection and prevention systemIntrusion detection and prevention system
Intrusion detection and prevention system
Nikhil Raj
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
Aparna Bhadran
 
Authentication Protocols
Authentication ProtocolsAuthentication Protocols
Authentication Protocols
Trinity Dwarka
 
Intrusion Detection with Neural Networks
Intrusion Detection with Neural NetworksIntrusion Detection with Neural Networks
Intrusion Detection with Neural Networks
antoniomorancardenas
 
Introduction To Intrusion Detection Systems
Introduction To Intrusion Detection SystemsIntroduction To Intrusion Detection Systems
Introduction To Intrusion Detection Systems
Paul Green
 
Network Intrusion Detection System Using Snort
Network Intrusion Detection System Using SnortNetwork Intrusion Detection System Using Snort
Network Intrusion Detection System Using Snort
Disha Bedi
 
Optimized Intrusion Detection System using Deep Learning Algorithm
Optimized Intrusion Detection System using Deep Learning AlgorithmOptimized Intrusion Detection System using Deep Learning Algorithm
Optimized Intrusion Detection System using Deep Learning Algorithm
ijtsrd
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
CAS
 
Network intrusion detection system and analysis
Network intrusion detection system and analysisNetwork intrusion detection system and analysis
Network intrusion detection system and analysis
Bikrant Gautam
 
AN INTRUSION DETECTION SYSTEM
AN INTRUSION DETECTION SYSTEMAN INTRUSION DETECTION SYSTEM
AN INTRUSION DETECTION SYSTEM
Apoorv Pandey
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
Akhil Kumar
 
Network forensic
Network forensicNetwork forensic
Network forensic
Manjushree Mashal
 
Intrusion Detection Systems and Intrusion Prevention Systems
Intrusion Detection Systems and Intrusion Prevention Systems Intrusion Detection Systems and Intrusion Prevention Systems
Intrusion Detection Systems and Intrusion Prevention Systems
Cleverence Kombe
 
Intrusion Detection System Project Report
Intrusion Detection System Project ReportIntrusion Detection System Project Report
Intrusion Detection System Project Report
Raghav Bisht
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity Fundamentals
ToĂąo Herrera
 
Wireless security presentation
Wireless security presentationWireless security presentation
Wireless security presentation
Muhammad Zia
 
IDS and IPS
IDS and IPSIDS and IPS
IDS and IPS
Santosh Khadsare
 
Intrusion Detection
Intrusion DetectionIntrusion Detection
Intrusion Detection
Gregory Hanis
 
Intrusion Detection Techniques for Mobile Wireless Networks
Intrusion Detection Techniques for Mobile Wireless NetworksIntrusion Detection Techniques for Mobile Wireless Networks
Intrusion Detection Techniques for Mobile Wireless Networks
guest1b5f71
 

More Related Content

What's hot

Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
AAKASH S
 
Optimized Intrusion Detection System using Deep Learning Algorithm
Optimized Intrusion Detection System using Deep Learning AlgorithmOptimized Intrusion Detection System using Deep Learning Algorithm
Optimized Intrusion Detection System using Deep Learning Algorithm
ijtsrd
 
Network intrusion detection system and analysis
Network intrusion detection system and analysisNetwork intrusion detection system and analysis
Network intrusion detection system and analysis
Bikrant Gautam
 
AN INTRUSION DETECTION SYSTEM
AN INTRUSION DETECTION SYSTEMAN INTRUSION DETECTION SYSTEM
AN INTRUSION DETECTION SYSTEM
Apoorv Pandey
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
Akhil Kumar
 

What's hot (20)

Intrusion prevention system(ips)
Intrusion prevention system(ips)Intrusion prevention system(ips)
Intrusion prevention system(ips)
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
 
Deep learning approach for network intrusion detection system
Deep learning approach for network intrusion detection systemDeep learning approach for network intrusion detection system
Deep learning approach for network intrusion detection system
 
Intrusion detection and prevention system
Intrusion detection and prevention systemIntrusion detection and prevention system
Intrusion detection and prevention system
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
 
Authentication Protocols
Authentication ProtocolsAuthentication Protocols
Authentication Protocols
 
Intrusion Detection with Neural Networks
Intrusion Detection with Neural NetworksIntrusion Detection with Neural Networks
Intrusion Detection with Neural Networks
 
Introduction To Intrusion Detection Systems
Introduction To Intrusion Detection SystemsIntroduction To Intrusion Detection Systems
Introduction To Intrusion Detection Systems
 
Network Intrusion Detection System Using Snort
Network Intrusion Detection System Using SnortNetwork Intrusion Detection System Using Snort
Network Intrusion Detection System Using Snort
 
Optimized Intrusion Detection System using Deep Learning Algorithm
Optimized Intrusion Detection System using Deep Learning AlgorithmOptimized Intrusion Detection System using Deep Learning Algorithm
Optimized Intrusion Detection System using Deep Learning Algorithm
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
 
Network intrusion detection system and analysis
Network intrusion detection system and analysisNetwork intrusion detection system and analysis
Network intrusion detection system and analysis
 
AN INTRUSION DETECTION SYSTEM
AN INTRUSION DETECTION SYSTEMAN INTRUSION DETECTION SYSTEM
AN INTRUSION DETECTION SYSTEM
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
 
Network forensic
Network forensicNetwork forensic
Network forensic
 
Intrusion Detection Systems and Intrusion Prevention Systems
Intrusion Detection Systems and Intrusion Prevention Systems Intrusion Detection Systems and Intrusion Prevention Systems
Intrusion Detection Systems and Intrusion Prevention Systems
 
Intrusion Detection System Project Report
Intrusion Detection System Project ReportIntrusion Detection System Project Report
Intrusion Detection System Project Report
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity Fundamentals
 
Wireless security presentation
Wireless security presentationWireless security presentation
Wireless security presentation
 
IDS and IPS
IDS and IPSIDS and IPS
IDS and IPS
 

Viewers also liked

Intrusion Detection
Intrusion DetectionIntrusion Detection
Intrusion Detection
Gregory Hanis
 
Intrusion Detection Techniques for Mobile Wireless Networks
Intrusion Detection Techniques for Mobile Wireless NetworksIntrusion Detection Techniques for Mobile Wireless Networks
Intrusion Detection Techniques for Mobile Wireless Networks
guest1b5f71
 
Intrusion detection in wireless sensor network
Intrusion detection in wireless sensor networkIntrusion detection in wireless sensor network
Intrusion detection in wireless sensor network
Vinayak Raja
 

Viewers also liked (7)

Intrusion Detection
Intrusion DetectionIntrusion Detection
Intrusion Detection
 
Intrusion Detection Techniques for Mobile Wireless Networks
Intrusion Detection Techniques for Mobile Wireless NetworksIntrusion Detection Techniques for Mobile Wireless Networks
Intrusion Detection Techniques for Mobile Wireless Networks
 
My app is secure... I think
My app is secure... I thinkMy app is secure... I think
My app is secure... I think
 
Intrusion Detection System for Applications using Linux Containers
Intrusion Detection System for Applications using Linux ContainersIntrusion Detection System for Applications using Linux Containers
Intrusion Detection System for Applications using Linux Containers
 
Intrusion detection in wireless sensor network
Intrusion detection in wireless sensor networkIntrusion detection in wireless sensor network
Intrusion detection in wireless sensor network
 
Intrusion Detection System
Intrusion Detection SystemIntrusion Detection System
Intrusion Detection System
 
EAACK-A Secure Intrusion Detection System Overview
EAACK-A Secure Intrusion Detection System OverviewEAACK-A Secure Intrusion Detection System Overview
EAACK-A Secure Intrusion Detection System Overview
 

Similar to INTRUSION DETECTION TECHNIQUES

Review of Intrusion and Anomaly Detection Techniques
Review of Intrusion and Anomaly Detection Techniques Review of Intrusion and Anomaly Detection Techniques
Review of Intrusion and Anomaly Detection Techniques
IJMER
 
Intrusion detection and anomaly detection system using sequential pattern mining
Intrusion detection and anomaly detection system using sequential pattern miningIntrusion detection and anomaly detection system using sequential pattern mining
Intrusion detection and anomaly detection system using sequential pattern mining
eSAT Journals
 
Intrusion detection and anomaly detection system using sequential pattern mining
Intrusion detection and anomaly detection system using sequential pattern miningIntrusion detection and anomaly detection system using sequential pattern mining
Intrusion detection and anomaly detection system using sequential pattern mining
eSAT Journals
 
An introduction to intrusion detection systems
An introduction to intrusion detection systemsAn introduction to intrusion detection systems
An introduction to intrusion detection systems
UltraUploader
 
INTRUSION DETECTION USING FEATURE SELECTION AND MACHINE LEARNING ALGORITHM WI...
INTRUSION DETECTION USING FEATURE SELECTION AND MACHINE LEARNING ALGORITHM WI...INTRUSION DETECTION USING FEATURE SELECTION AND MACHINE LEARNING ALGORITHM WI...
INTRUSION DETECTION USING FEATURE SELECTION AND MACHINE LEARNING ALGORITHM WI...
ijcsit
 
Detecting Anomaly IDS in Network using Bayesian Network
Detecting Anomaly IDS in Network using Bayesian NetworkDetecting Anomaly IDS in Network using Bayesian Network
Detecting Anomaly IDS in Network using Bayesian Network
IOSR Journals
 
Implementing a Robust Network-Based Intrusion Detection System
Implementing a Robust Network-Based Intrusion Detection SystemImplementing a Robust Network-Based Intrusion Detection System
Implementing a Robust Network-Based Intrusion Detection System
theijes
 

Similar to INTRUSION DETECTION TECHNIQUES (20)

A PHASED APPROACH TO INTRUSION DETECTION IN NETWORK
A PHASED APPROACH TO INTRUSION DETECTION IN NETWORKA PHASED APPROACH TO INTRUSION DETECTION IN NETWORK
A PHASED APPROACH TO INTRUSION DETECTION IN NETWORK
 
Review of Intrusion and Anomaly Detection Techniques
Review of Intrusion and Anomaly Detection Techniques Review of Intrusion and Anomaly Detection Techniques
Review of Intrusion and Anomaly Detection Techniques
 
Layered approach
Layered approachLayered approach
Layered approach
 
A Review of Machine Learning based Anomaly Detection Techniques
A Review of Machine Learning based Anomaly Detection TechniquesA Review of Machine Learning based Anomaly Detection Techniques
A Review of Machine Learning based Anomaly Detection Techniques
 
IRJET- A Review on Application of Data Mining Techniques for Intrusion De...
IRJET- A Review on Application of Data Mining Techniques for Intrusion De...IRJET- A Review on Application of Data Mining Techniques for Intrusion De...
IRJET- A Review on Application of Data Mining Techniques for Intrusion De...
 
The Art of Penetration Testing in Cybersecurity.
The Art of Penetration Testing in Cybersecurity.The Art of Penetration Testing in Cybersecurity.
The Art of Penetration Testing in Cybersecurity.
 
Intrusion detection and anomaly detection system using sequential pattern mining
Intrusion detection and anomaly detection system using sequential pattern miningIntrusion detection and anomaly detection system using sequential pattern mining
Intrusion detection and anomaly detection system using sequential pattern mining
 
Intrusion detection and anomaly detection system using sequential pattern mining
Intrusion detection and anomaly detection system using sequential pattern miningIntrusion detection and anomaly detection system using sequential pattern mining
Intrusion detection and anomaly detection system using sequential pattern mining
 
An introduction to intrusion detection systems
An introduction to intrusion detection systemsAn introduction to intrusion detection systems
An introduction to intrusion detection systems
 
Comparison of Data Mining Techniques used in Anomaly Based IDS
Comparison of Data Mining Techniques used in Anomaly Based IDS Comparison of Data Mining Techniques used in Anomaly Based IDS
Comparison of Data Mining Techniques used in Anomaly Based IDS
 
INTRUSION DETECTION USING FEATURE SELECTION AND MACHINE LEARNING ALGORITHM WI...
INTRUSION DETECTION USING FEATURE SELECTION AND MACHINE LEARNING ALGORITHM WI...INTRUSION DETECTION USING FEATURE SELECTION AND MACHINE LEARNING ALGORITHM WI...
INTRUSION DETECTION USING FEATURE SELECTION AND MACHINE LEARNING ALGORITHM WI...
 
Cyber intrusion
Cyber intrusionCyber intrusion
Cyber intrusion
 
A Comprehensive Review On Intrusion Detection System And Techniques
A Comprehensive Review On Intrusion Detection System And TechniquesA Comprehensive Review On Intrusion Detection System And Techniques
A Comprehensive Review On Intrusion Detection System And Techniques
 
Kx3419591964
Kx3419591964Kx3419591964
Kx3419591964
 
Detecting Anomaly IDS in Network using Bayesian Network
Detecting Anomaly IDS in Network using Bayesian NetworkDetecting Anomaly IDS in Network using Bayesian Network
Detecting Anomaly IDS in Network using Bayesian Network
 
IRJET- An Intrusion Detection Framework based on Binary Classifiers Optimized...
IRJET- An Intrusion Detection Framework based on Binary Classifiers Optimized...IRJET- An Intrusion Detection Framework based on Binary Classifiers Optimized...
IRJET- An Intrusion Detection Framework based on Binary Classifiers Optimized...
 
Self Monitoring System to Catch Unauthorized Activity
Self Monitoring System to Catch Unauthorized ActivitySelf Monitoring System to Catch Unauthorized Activity
Self Monitoring System to Catch Unauthorized Activity
 
Implementing a Robust Network-Based Intrusion Detection System
Implementing a Robust Network-Based Intrusion Detection SystemImplementing a Robust Network-Based Intrusion Detection System
Implementing a Robust Network-Based Intrusion Detection System
 
5
55
5
 
penetration testing.pptx
penetration testing.pptxpenetration testing.pptx
penetration testing.pptx
 

More from Trinity Dwarka

Why BAJMC in Trinity Dwarka
Why BAJMC in Trinity DwarkaWhy BAJMC in Trinity Dwarka
Why BAJMC in Trinity Dwarka
Trinity Dwarka
 
Career Options after BCA
Career Options after BCACareer Options after BCA
Career Options after BCA
Trinity Dwarka
 

More from Trinity Dwarka (20)

Why BAJMC in Trinity Dwarka
Why BAJMC in Trinity DwarkaWhy BAJMC in Trinity Dwarka
Why BAJMC in Trinity Dwarka
 
Career Options after BCA
Career Options after BCACareer Options after BCA
Career Options after BCA
 
Principles of Management-Management-Concept & Meaning
Principles of Management-Management-Concept & Meaning Principles of Management-Management-Concept & Meaning
Principles of Management-Management-Concept & Meaning
 
Principles of Management- Management Process & Functions
Principles of Management- Management Process & FunctionsPrinciples of Management- Management Process & Functions
Principles of Management- Management Process & Functions
 
Principles of Management- Managerial Levels & Roles-
Principles of Management- Managerial Levels & Roles-Principles of Management- Managerial Levels & Roles-
Principles of Management- Managerial Levels & Roles-
 
Management-Concept & Meaning
Management-Concept & Meaning Management-Concept & Meaning
Management-Concept & Meaning
 
Principles of Management- Planning
Principles of Management- PlanningPrinciples of Management- Planning
Principles of Management- Planning
 
Organizing Authority & Responsibility- Principles of Management
Organizing Authority & Responsibility- Principles of Management Organizing Authority & Responsibility- Principles of Management
Organizing Authority & Responsibility- Principles of Management
 
Staffing- Principles of Management
Staffing- Principles of Management Staffing- Principles of Management
Staffing- Principles of Management
 
Directing-Principles of Management
Directing-Principles of Management Directing-Principles of Management
Directing-Principles of Management
 
Dimensional Modelling-Data Warehouse & Data Mining
Dimensional Modelling-Data Warehouse & Data Mining Dimensional Modelling-Data Warehouse & Data Mining
Dimensional Modelling-Data Warehouse & Data Mining
 
Data Preprocessing- Data Warehouse & Data Mining
Data Preprocessing- Data Warehouse & Data MiningData Preprocessing- Data Warehouse & Data Mining
Data Preprocessing- Data Warehouse & Data Mining
 
Computer Networks- Network Basics
Computer Networks- Network BasicsComputer Networks- Network Basics
Computer Networks- Network Basics
 
Java Programming- Introduction to Java Applet Programs
Java Programming- Introduction to Java Applet ProgramsJava Programming- Introduction to Java Applet Programs
Java Programming- Introduction to Java Applet Programs
 
Linux Environment- Linux vs Unix
Linux Environment- Linux vs UnixLinux Environment- Linux vs Unix
Linux Environment- Linux vs Unix
 
Linux Environment- Linux Basics
Linux Environment- Linux BasicsLinux Environment- Linux Basics
Linux Environment- Linux Basics
 
BCA-Mobile Computing- BASICS OF MOBILE COMPUTING
BCA-Mobile Computing- BASICS OF MOBILE COMPUTINGBCA-Mobile Computing- BASICS OF MOBILE COMPUTING
BCA-Mobile Computing- BASICS OF MOBILE COMPUTING
 
INTRODUCTION TO INFORMATION TECHNOLOGY- IT Basics
INTRODUCTION TO INFORMATION TECHNOLOGY- IT BasicsINTRODUCTION TO INFORMATION TECHNOLOGY- IT Basics
INTRODUCTION TO INFORMATION TECHNOLOGY- IT Basics
 
Database Management System
Database Management System Database Management System
Database Management System
 
JAVA PROGRAMMING- OOP Concept
JAVA PROGRAMMING- OOP ConceptJAVA PROGRAMMING- OOP Concept
JAVA PROGRAMMING- OOP Concept
 

Recently uploaded

1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
QucHHunhnh
 
Spellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please PractiseSpellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please Practise
AnaAcapella
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
ciinovamais
 

Recently uploaded (20)

1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibit
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
Spatium Project Simulation student brief
Spatium Project Simulation student briefSpatium Project Simulation student brief
Spatium Project Simulation student brief
 
SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning PresentationSOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentation
 
Dyslexia AI Workshop for Slideshare.pptx
Dyslexia AI Workshop for Slideshare.pptxDyslexia AI Workshop for Slideshare.pptx
Dyslexia AI Workshop for Slideshare.pptx
 
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptxSKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdf
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Spellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please PractiseSpellings Wk 3 English CAPS CARES Please Practise
Spellings Wk 3 English CAPS CARES Please Practise
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdf
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptx
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptx
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 

INTRUSION DETECTION TECHNIQUES

  • 1. TRINITY INSTITUTE OF PROFESSIONAL STUDIESSector – 9, Dwarka Institutional Area, New Delhi-75 Affiliated Institution of G.G.S.IP.U, Delhi Advance Computer networks(20311) Submitted By :Submitted By : Natasha ManiktahlaNatasha Maniktahla (Assistant Professor)(Assistant Professor)
  • 2. TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES System’s second line of defense is Intrusion Detection. 1) If an intrusion is detected quickly enough, the intruder can be identified & ejected from the system before any damage is done or any data is compromised. 2) An effective intrusion detection system can serve as a deterrent, acting to prevent intrusion. 3)Intrusion detection can enable the collection of information about intrusion techniques that can be used to strengthen the intrusion prevention facility.
  • 3. TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES
  • 4. TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES Various approaches to intrusion detection: 1.Statistical anomaly detection: Involves the collection of data relating to the behavior of legitimate users over a period of time. Then statistical tests are applied to observed behavior to determine with a high level of confidence whether that behavior is not legitimate user behavior. i.Threshold detection: This approach involves defining thresholds, independent of user, for the frequency of occurrence of various events.
  • 5. TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES 2.Rule-based detection: Involves an attempt to define a set of rules that can be used to decide that a given behavior is that of an intruder. i.Anomaly detection: Rules are developed to detect deviation from previous usage patterns. ii.Penetration identification: An expert system approach that searches for suspicious behavior.
  • 6. TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES Audit Records: A fundamental tool for intrusion detection is the audit record. Some record of ongoing activity by users must be maintained as input to an intrusion detection system. Basically, two plans are used: Native audit records: Virtually all multiuser operating systems include accounting software that collects information on user activity. The advantage of using this information is that no additional collection software is needed. The disadvantage is that the native audit records may not contain the needed information or may not contain it in a convenient form.
  • 7. TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES Detection-specific audit records: A collection facility can be implemented that generates audit records containing only that informationrequiredbytheintrusiondetectionsystem. One advantage of such an approach is that it could be made vendor independent and ported to a variety of systems. •Subject: Initiators of actions. A subject is typically a terminal user but might also be a process acting on behalf of users or groups of users. All activity arises through commands issued by subjects. Subjects may be grouped into different access classes, and these classes may overlap.
  • 8. TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES •Action: Operation performed by the subject on or with an object; for example, login, read, perform I/O, execute. •Exception-Condition: Denotes which, if any, exception condition is raised in return. •Resource-Usage: A list of quantitative elements in which each element gives the amount used of some resource (e.g., number of lines printed or displayed, number of records read or written, processor time, I/O units used, session elapsed time). •Time-Stamp: Unique time-and-date stamp identifying when the action took place.
  • 9. TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES Rule-Based Intrusion Detection: Rule-based techniques detect intrusion by observing events in the system and applying a set of rules that lead to a decision regarding whether a given pattern of activity is or is not suspicious. In very general terms, we can characterize all approaches as focusing on either anomaly detection or penetration identification, although there is some overlap in these approaches.
  • 10. TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES Rule-based anomaly detection is similar in terms of its approach and strengths to statistical anomaly detection. With the rule-based approach, historical audit records are analyzed to identify usage patterns and to generate automatically rules that describe those patterns. Rules may represent past behavior patterns of users, programs, privileges, time slots, terminals, and so on
  • 11. TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES • Rule-based penetration identification takes a very different approach to intrusion detection. The key feature of such systems is the use of rules for identifying known penetrations or penetrations that would exploit known weaknesses. Rules can also be defined that identify suspicious behavior, even when the behavior is within the bounds of established patterns of usage. Typically, the rules used in these systems are specific to the machine and operating system. The most fruitful approach to developing such rules is to analyze attack tools and scripts collected on the Internet. These rules can be supplemented with rules generated by knowledgeable security personnel.
  • 12. TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES • As with statistical anomaly detection, rule- based anomaly detection does not require knowledge of security vulnerabilities within the system. Rather, the scheme is based on observing past behavior and, in effect, assuming that the future will be like the past. In order for this approach to be effective, a rather large database of rules will be needed.
  • 13. TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 INTRUSION DETECTION TECHNIQUES • Intrusion detection is based on the assumption that the behavior of the intruder differs from that of a legitimate user in ways that can be quantified. Of course, we cannot expect that there will be a crisp, exact distinction between an attack by an intruder and the normal use of mechanisms.
  • 14. TRINITY INSTITUTE OF PROFESSIONAL STUDIES Sector – 9, Dwarka Institutional Area, New Delhi-75 Thank You...