University of Palestine
Student / Mahmoud Elqedra
Assistant Professor / Dr. Sana’a Wafa Al-Sayegh
Topics
1. Definition of intrusion detection system (IDS)
2. Types of IDS
3. Advantages of network-based and host-based IDS
4. Challenges of IDS
5. Conclusion
6. References
Intrusion detection system (IDS)
An intrusion detection system (IDS) is a security system that monitors computer systems and network traffic and analyzes that traffic for possible hostile attacks originating from outside the organization, as well as for system misuse or attacks originating from inside the organization.
Types of IDS
1. Host-based intrusion detection system (HIDS): has only host-based sensors.
2. Network-based intrusion detection system (NIDS): has a network-based sensor.
Advantages of NIDS
1. Lower Cost of Ownership.
2. Easier to deploy.
3. Detect network based attacks.
4. Retaining evidence.
5. Real Time detection and quick response.
6. Detection of failed attacks.
Advantages of HIDS
1. Verifies success or failure of an attack.
2. Monitors system activities.
3. Detects attacks that a network-based IDS fails to detect.
4. Near real-time detection and response.
5. Does not require additional hardware.
6. Lower entry cost.
Challenges of IDS
1. IDS technology itself is undergoing a lot of enhancements.
2. The success of an IDS implementation depends to a large extent on how it has been deployed.
3. Some organizations implement a hybrid solution.
4. It is important to take care of the sensor-to-manager ratio.
5. IDS technology is still reactive rather than proactive.
6. While deploying a network-based IDS solution, it is important to keep in mind one very important aspect of the network-based IDS in a switched environment.
Conclusion
1. Strong identification and authentication.
2. Intrusion detection systems are not a solution to all security concerns.
3. An IDS is not a substitute for a good security policy.
4. Human intervention is required.
List of References:
1. Watching the Watchers: Intrusion Detection, by Greg Shipley. http://www.networkcomputing.com/1122/1122f3.html
2. Network vs Host-based Intrusion Detection; A guide to Intrusion Detection Technology. http://secinf.net/info/ids/nvh_ids/
3. Intrusion Detection: Challenges and myths, by Marcus J. Ranum. http://secinf.net/info/ids/ids_mythe.html
4. State of the Practice of Intrusion Detection Technologies. http://www.sei.cmu.edu/publications/documents/99.reports/99tr028/99tr028exsum.html
5. Protect your network with an Intrusion Detection system, Gartner Research. http://www.techrepublic.com/article.jhtml?src=search&id=r00520010209ggr01.htm
6. FAQ: Network Intrusion Detection Systems, by Robert Graham. http://www.ticm.com/kb/faq/idsfaq.html
7. Limitations of Network Intrusion Detection, by Steve Schupp. http://www.sans.org/infosecFAQ/intrusion/net_id.htm