Intrusion Detection System Survey :: Collaborative Intrusion Detection System CIDS - PowerPoint PPT Presentation

Transcript and Presenter's Notes

1
Intrusion Detection System Survey
Collaborative Intrusion Detection System (CIDS)
  • Yuhong Dong
  • ydong_at_fau.edu

2
Collaborative Intrusion Detection System: Presentation Content
  • CIDS Basic Concept
  • CIDS Architecture
  • Experiment
  • Result
  • Reference

3
Collaborative Intrusion Detection System: Concept
  • Multiple Intrusion Detectors
    -- Snort, Libsafe, Sysmon
  • Multiple layers
    -- Network, Application, Kernel
  • Manager
    -- Graph-based and Bayesian-based Inference Engine
  • Mechanism
    -- Manager aggregates the alarms from different detectors and provides an alarm for an intrusion

4
Collaborative Intrusion Detection System: Architecture (instance of CIDS)

5
Collaborative Intrusion Detection System: Architecture (from system view)

6
Collaborative Intrusion Detection System: Architecture (for Manager)

7
Collaborative Intrusion Detection System: Architecture (for Event Dispatcher)
How does the Event Dispatcher work?
  • Dispatch event to local reference Engine according to destination (DIP)
  • Group the event according to the target process (PID)
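
The two dispatcher steps on this slide, written out as an added example (not code from the presentation or from the CIDS project). The `Alarm` fields, the `EventDispatcher` class, treating DIP as an IP address, and the handling of alarms with no PID or no matching engine are assumptions made for illustration; the engine's own graph-based or Bayesian inference is not modelled.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Alarm:
    detector: str        # "snort", "libsafe" or "sysmon" (detectors named on the slides)
    dip: str             # destination of the event; assumed here to be an IP address
    pid: Optional[int]   # target process; None if the detector reports no PID (assumption)
    msg: str

class EventDispatcher:
    """Routes alarms by DIP, then groups them by target PID (hypothetical class)."""

    def __init__(self, engine_hosts):
        # One per-PID grouping for each host that runs a local engine.
        self.groups = {dip: defaultdict(list) for dip in engine_hosts}
        self.unrouted = []   # alarms whose DIP has no local engine

    def dispatch(self, alarm: Alarm) -> bool:
        by_pid = self.groups.get(alarm.dip)
        if by_pid is None:
            self.unrouted.append(alarm)   # keep it visible rather than dropping it
            return False
        by_pid[alarm.pid].append(alarm)
        return True

    def detectors_by_pid(self, dip: str) -> dict:
        """What the engine for `dip` receives: the detectors that fired, per PID."""
        return {pid: sorted({a.detector for a in alarms})
                for pid, alarms in self.groups[dip].items()}

# Constructed sample alarms (not taken from the presentation's experiment).
SAMPLE = [
    Alarm("snort",   "10.0.0.5", None, "oversized chunked request"),
    Alarm("libsafe", "10.0.0.5", 4121, "stack overflow attempt in httpd"),
    Alarm("sysmon",  "10.0.0.5", 4121, "unexpected child process"),
    Alarm("sysmon",  "10.0.0.5", 977,  "high CPU"),
    Alarm("snort",   "10.0.0.9", None, "SYN flood"),
    Alarm("snort",   "10.0.0.77", None, "probe to host without an engine"),
]

def run_sample():
    d = EventDispatcher(engine_hosts=["10.0.0.5", "10.0.0.9"])
    routed = [d.dispatch(a) for a in SAMPLE]
    return d, routed
```

In the sample, PID 4121 on 10.0.0.5 collects alarms from two detectors at different layers, which is the per-process view the grouping step is meant to give an engine.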

8
Collaborative Intrusion Detection System: Graph-based Inference Engine

9
Collaborative Intrusion Detection System: Bayesian Network-based Inference Engine

10
Collaborative Intrusion Detection System: Experiment
  • Environment: Red Hat Linux 8.0 with Apache web server version 1.3.24
  • Simulation: Electronic Store Front workload with three attack types: Buffer Overflow Attack, Flooding Attack, Script-Based Attack

11
Collaborative Intrusion Detection System: Result -- Performance Evaluation

12
Collaborative Intrusion Detection System: Result -- Detection Effectiveness Evaluation

13
Collaborative Intrusion Detection System: Result -- Attack Propagation Speed

14
Collaborative Intrusion Detection System: Reference
  • Collaborative Intrusion Detection System (CIDS): A Framework for Accurate and Efficient IDS
  • Apache OpenSSL Attack, at http://www.cert.org/advisories/CA-2002-27.html
  • Avaya Labs Research-Project: Libsafe, at http://www.research.avayalabs.com/project/libsafe
  • Kevin Murphy, Bayes Net Toolbox for Matlab, at http://www.ai.mit.edu/murphyk/Software/BNT/bnt.html
  • Snort - Lightweight Intrusion Detection for Networks
  • Apache Chunk Buffer Overflow Attack, at http://httpd.apache.org/info/security_bulletin_20020617.txt