1 / 10

Intrusion Detection System

University of Palestine. Intrusion Detection System. Student / Mahmoud Elqedra Assistant Professor / Dr. Sana’a Wafa Al-Sayegh. Topics. Define of Intrusion detection system (IDS) types of IDS Advantages of Network based & host based Challenges of IDS Conclusion References.

adele
Télécharger la présentation

Intrusion Detection System

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. University of Palestine Intrusion Detection System Student / Mahmoud Elqedra AssistantProfessor / Dr. Sana’a Wafa Al-Sayegh mahmoud_moon2001@hotmail.com

  2. Topics • Define of Intrusion detection system (IDS) • types of IDS • Advantages of Network based & host based • Challenges of IDS • Conclusion • References mahmoud_moon2001@hotmail.com

  3. Intrusion detection system (IDS) is a security system that monitors computer systems and network traffic and analyzes that traffic for possible hostile attacks originating from outside the organization and also for system misuse or attacks originating from inside the organization. mahmoud_moon2001@hotmail.com

  4. Types of IDS • Host based Intrusion Detection system has only host based sensors network based (HIDS) • Intrusion detection system has network-based sensor (NIDS) mahmoud_moon2001@hotmail.com

  5. Advantages of NIDS 1. Lower Cost of Ownership. 2. Easier to deploy. 3. Detect network based attacks. 4. Retaining evidence. 5. Real Time detection and quick response. 6. Detection of failed attacks. mahmoud_moon2001@hotmail.com

  6. Advantages of HIDS • Verifies success or failure of an attack • Monitors System Activities • Detects attacks that a network based IDS fail to detect • Near real time detection and response Does not require additional hardware • Lower entry cost mahmoud_moon2001@hotmail.com

  7. Challenges of IDS • IDS technology itself is undergoing a lot of enhancements. • The success of an IDS implementation depends to a large extent on how it has been deployed. • Some organizations implement a hybrid solution. • It is important to take care of sensor to manager ratio • The IDS technology is still reactive rather than proactive • While deploying a network based IDS solution, it is important to keep in mind one very important aspect of the network based IDS in switched environment. mahmoud_moon2001@hotmail.com

  8. Conclusion • strong identification and authentication: • Intrusion Detection Systems are not a solution to all security concerns • An IDS is not a substitute for a good security policy: • Human intervention is require mahmoud_moon2001@hotmail.com

  9. List of References: 1. Watching the Watchers: Intrusion Detection by Greg Shipley http://www.networkcomputing.com/1122/1122f3.html 2. Network vs Host-based Intrusion Detection; A guide to Intrusion Detection Technology http://secinf.net/info/ids/nvh_ids/ 3. Intrusion Detection: Challenges and myths by Marcus J. Ranum http://secinf.net/info/ids/ids_mythe.html 4. State of the Practice of Intrusion Detection Technologies http://www.sei.cmu.edu/publications/documents/99.reports/99tr028/99tr028exsu m.html mahmoud_moon2001@hotmail.com

  10. List of References: 5. Protect your network with an Intrusion Detection system, Gartner Research http://www.techrepublic.com/article.jhtml?src=search&id=r00520010209ggr01.htm 6. FAQ: Network Intrusion Detection Systems by Robert Graham http://www.ticm.com/kb/faq/idsfaq.html 7. Limitations of Network Intrusion Detection by Steve Schupp http://www.sans.org/infosecFAQ/intrusion/net_id.htm mahmoud_moon2001@hotmail.com

More Related