Improving intrusion detection system by honeypot
-
Upload
mmubashirkhan -
Category
Technology
-
view
955 -
download
2
Transcript of Improving intrusion detection system by honeypot
PRESENTED BY BUSHRA MUNIR
IMPROVING INTRUSION DETECTIONSYSTEM BY HONEYPOT
Why Network Security
System Automation, New technologies
Blackhats
Worms, Trojan, Dos attacks
Intrusion Detection System Monitors network traffic and suspicious activity
Alerts the system or network administrator.
Respond to anomalous or malicious traffic by taking action such as blocking the user or source IP address from accessing the network.
Tracking user policy violation.
IDS Categories
Signature based detection system
Anomaly based detection system
Specification based detection system
Disadvantages
Known threats
False alarm ratio
Logging and analyzing huge amount of data
Processing Loads
New Threats and Attacks
Phishing
Botnets
Trojan and worms
Impersonation
Honeypot A New paradigm of Security
A honeypot is an information system resource whose value lies in unauthorized and illicit use
of that resource
Classification based on Implementation
Server Side Honeypot
Client Side Honeypots
Classification based on Interaction
Low Interactive Honeypots
High Interactive Honeypots
Value of Honeypot
Hybrid Honeypots
Analysis of attacks
Reduction in False Alarm Ratio
Reduction in False Alarm Ratio of IDS using
Honeypot
Proposed model
CONCLUSIONHoneypot is a new paradigm to secure
and provides valuable researches to
prevent threats.