Improving intrusion detection system by honeypot

11
PRESENTED BY BUSHRA MUNIR IMPROVING INTRUSION DETECTION SYSTEM BY HONEYPOT

Transcript of Improving intrusion detection system by honeypot

Page 1: Improving intrusion detection system by honeypot

PRESENTED BY BUSHRA MUNIR

IMPROVING INTRUSION DETECTIONSYSTEM BY HONEYPOT

Page 2: Improving intrusion detection system by honeypot

Why Network Security

System Automation, New technologies

Blackhats

Worms, Trojan, Dos attacks

Page 3: Improving intrusion detection system by honeypot

Intrusion Detection System Monitors network traffic and suspicious activity

Alerts the system or network administrator.

Respond to anomalous or malicious traffic by taking action such as blocking the user or source IP address from accessing the network.

Tracking user policy violation.

Page 4: Improving intrusion detection system by honeypot

IDS Categories

Signature based detection system

Anomaly based detection system

Specification based detection system

Page 5: Improving intrusion detection system by honeypot

Disadvantages

Known threats

False alarm ratio

Logging and analyzing huge amount of data

Processing Loads

Page 6: Improving intrusion detection system by honeypot

New Threats and Attacks

Phishing

Botnets

Trojan and worms

Impersonation

Page 7: Improving intrusion detection system by honeypot

Honeypot A New paradigm of Security

A honeypot is an information system resource whose value lies in unauthorized and illicit use

of that resource

Page 8: Improving intrusion detection system by honeypot

Classification based on Implementation

Server Side Honeypot

Client Side Honeypots

Classification based on Interaction

Low Interactive Honeypots

High Interactive Honeypots

Page 9: Improving intrusion detection system by honeypot

Value of Honeypot

Hybrid Honeypots

Analysis of attacks

Reduction in False Alarm Ratio

Page 10: Improving intrusion detection system by honeypot

Reduction in False Alarm Ratio of IDS using

Honeypot

Proposed model

Page 11: Improving intrusion detection system by honeypot

CONCLUSIONHoneypot is a new paradigm to secure

and provides valuable researches to

prevent threats.


2001-Honeypot-Newsletter-16ppA5-FINAL · Honeypot Heroes Page 6-7 Honeypot House, Hampshire – Learning breaks and more! Page 8-9 Honeypot Pen y Bryn – The buzz! Page 10 Volunteering

2001-Honeypot-Newsletter-16ppA5-FINAL · Honeypot Heroes Page 6-7 Honeypot House, Hampshire – Learning breaks and more! Page 8-9 Honeypot Pen y Bryn – The buzz! Page 10 Volunteering

Intrusion Detection Systems - CCC Event Blog · PDF fileIntrusion Detection Systems Elevated to the ... Honeypot = dedicated system with traps ... – Statistic analysis of intrusion

Intrusion Detection Systems - CCC Event Blog · PDF fileIntrusion Detection Systems Elevated to the ... Honeypot = dedicated system with traps ... – Statistic analysis of intrusion

A dynamic approach for improving performance of intrusion detection system over manet

A dynamic approach for improving performance of intrusion detection system over manet

Improving Intrusion Detection by the Automated Generation ... · intrusion detection data set and Section 7 discusses the metrics used for attribute selection in the KDD’99 intrusion

Improving Intrusion Detection by the Automated Generation ... · intrusion detection data set and Section 7 discusses the metrics used for attribute selection in the KDD’99 intrusion

Honeypot Documentation

Honeypot Documentation

bphanikrishna.files.wordpress.com · Web viewThe IETF Intrusion Detection Working Group is currently drafting standards to support interoperability of IDS info (both honeypot and

bphanikrishna.files.wordpress.com · Web viewThe IETF Intrusion Detection Working Group is currently drafting standards to support interoperability of IDS info (both honeypot and

Improving Intrusion Detection - riverpublishers.com · Improving Intrusion Detection on Snort Rules for Botnet Detection 23 The rule header. The rule header describes attributes of

Improving Intrusion Detection - riverpublishers.com · Improving Intrusion Detection on Snort Rules for Botnet Detection 23 The rule header. The rule header describes attributes of

Tartarus: A honeypot based malware tracking and mitigation ... · malicious entities. Detection and defence from these malicious entities has primarily been the concern of Intrusion

Tartarus: A honeypot based malware tracking and mitigation ... · malicious entities. Detection and defence from these malicious entities has primarily been the concern of Intrusion

Virtual honeypot

Virtual honeypot

Improving Intrusion Detection System Taminee Shinasharkey CS689 11/2/00.

Improving Intrusion Detection System Taminee Shinasharkey CS689 11/2/00.

SECURE WEB SERVICES IN MOBILE AGENTS BY USING HONEYPOT ... · SECURE WEB SERVICES IN MOBILE AGENTS BY USING HONEYPOT SYSTEM AS INTRUSION DETECTION FOR ... The Agent based web service

SECURE WEB SERVICES IN MOBILE AGENTS BY USING HONEYPOT ... · SECURE WEB SERVICES IN MOBILE AGENTS BY USING HONEYPOT SYSTEM AS INTRUSION DETECTION FOR ... The Agent based web service

Intrusion Detection and Malware Analysis - Malware collection...Honeypot taxonomy Low-interaction:simple daemons simulating network services; no exploitation. ... browser exploits

Intrusion Detection and Malware Analysis - Malware collection...Honeypot taxonomy Low-interaction:simple daemons simulating network services; no exploitation. ... browser exploits

HONEYPOT. Introduction to Honeypot Honeytoken Types of Honeypots Honeypot Implementation Advantages and Disadvantages Role of Honeypot in.

HONEYPOT. Introduction to Honeypot Honeytoken Types of Honeypots Honeypot Implementation Advantages and Disadvantages Role of Honeypot in.

MODEL FOR IMPROVING PERFORMANCE OF NETWORK INTRUSION ...

MODEL FOR IMPROVING PERFORMANCE OF NETWORK INTRUSION ...

KFSensor Honeypot and Intrusion Detection System Sunil Gurung [60-475] Security and Privacy on the Internet.

KFSensor Honeypot and Intrusion Detection System Sunil Gurung [60-475] Security and Privacy on the Internet.

Improving network intrusion detection system performance ... · Improving network intrusion detection system performance through quality of service configuration and parallel technology

Improving network intrusion detection system performance ... · Improving network intrusion detection system performance through quality of service configuration and parallel technology

Honeypot ss

Honeypot ss

Intrusion Detection using Honeypot and Support Vector ...ethesis.nitrkl.ac.in/7997/1/672.pdf · Intrusion Detection using Honeypot and Support Vector ... using Honeypot and Support

Intrusion Detection using Honeypot and Support Vector ...ethesis.nitrkl.ac.in/7997/1/672.pdf · Intrusion Detection using Honeypot and Support Vector ... using Honeypot and Support

Using Honeypots for Network Intrusion Detection · 2020. 12. 17. · 16 Honeypot Placement Within the Network Using Honeypots for Intrusion Detection (cont.) TLP: WHITE, ID# 202010221030

Using Honeypots for Network Intrusion Detection · 2020. 12. 17. · 16 Honeypot Placement Within the Network Using Honeypots for Intrusion Detection (cont.) TLP: WHITE, ID# 202010221030

one childhood, one journey Honeypot House The Honeypot Playbus.

one childhood, one journey Honeypot House The Honeypot Playbus.