A seminar on Intrusion Detection System Department of Computer Science & Engineering Session 2012-13

Upload: nagpur-ankur

Post on 03-Nov-2014


CONTENTS

INTRODUCTION

LITERATURE REVIEW

MODULES & DESCRIPTION

PROJECT CONCEPT

SNAPSHOTS

ADVANTAGES

APPLICATION

REFERENCES

INTRODUCTION

An intrusion detection system must reliably detect malicious activities in a network.

It must also perform efficiently to cope with the large amount of network traffic.

In this project, we address these two issues of accuracy and efficiency using Conditional Random Fields and a Layered Approach.

LITERATURE REVIEW

IEEE Paper Topic: Layered Approach Using Conditional Random Fields for Intrusion Detection

Published in: January-March 2010

Authors: Kapil Kumar Gupta, Baikunth Nath, Ramamohanarao Kotagiri

In this paper, they have addressed the dual problem of accuracy and efficiency for building robust and efficient intrusion detection systems.

IEEE Paper Topic: International Journal of Mobile Network Communications & Telematics (IJMNCT)

Published in: June 2012

Authors: Mr. C. Saravanan, Mr. M. V. Shivsankar, Prof. P. Tamije Selvy

In this paper, they have stated that CRFs are proven to be a successful framework for improving the attack detection accuracy rate and decreasing the FAR, and that the layered approach is used for high efficiency.

MODULES & DESCRIPTION

Conditional Random Field

Probe layer

DoS layer

R2L layer

U2R layer

Conditional Random Field

CRFs have proven to be very successful in such tasks, as they do not make any unwarranted assumptions about the data.

Hence, we explore the suitability of CRFs for intrusion detection. A system may consider features such as “logged in” and “number of file creations.” When these features are analyzed individually, they do not provide any information that can aid in detecting attacks.

However, when these features are analyzed together, they can provide meaningful information, which can be helpful for the classification task.
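The point about analyzing “logged in” and “number of file creations” together can be checked numerically. The following is an added example, not part of the original slides or the cited papers: it measures mutual information with the label and the accuracy of a majority-vote rule instead of training a CRF, and the records are constructed so that the label depends only on the combination of the two features.

```python
from collections import Counter
from math import log2

# Constructed sample: (logged_in, file_creations, label). Not KDD Cup data.
# The label depends only on the combination of the two features.
RECORDS = (
    [(1, 3, "normal")] * 25    # logged-in session creating files
    + [(0, 0, "normal")] * 25  # no login, no file activity
    + [(0, 2, "attack")] * 25  # files created without a login
    + [(1, 0, "attack")] * 25  # constructed to balance the marginals
)

def mutual_information(pairs):
    """I(X;Y) in bits, estimated from a list of (x, y) observations."""
    n = len(pairs)
    joint = Counter(pairs)
    px = Counter(x for x, _ in pairs)
    py = Counter(y for _, y in pairs)
    return sum(
        (c / n) * log2((c / n) / ((px[x] / n) * (py[y] / n)))
        for (x, y), c in joint.items()
    )

def best_rule_accuracy(pairs):
    """Accuracy of predicting the majority label for each observed x."""
    by_x = {}
    for x, y in pairs:
        by_x.setdefault(x, Counter())[y] += 1
    return sum(max(c.values()) for c in by_x.values()) / len(pairs)

def views(records):
    """Per-feature and joint views of the same records."""
    made_files = lambda n: int(n > 0)  # bucket the count: none vs. some
    return {
        "logged_in": [(l, y) for l, _, y in records],
        "file_creations": [(made_files(f), y) for _, f, y in records],
        "both": [((l, made_files(f)), y) for l, f, y in records],
    }

def report(records=RECORDS):
    """Map each view to (mutual information in bits, rule accuracy)."""
    return {name: (mutual_information(p), best_rule_accuracy(p))
            for name, p in views(records).items()}

if __name__ == "__main__":
    for name, (mi, acc) in report().items():
        print(f"{name:15s} MI={mi:.3f} bits  accuracy={acc:.2f}")
```

On this sample each feature alone is no better than a coin flip, while the pair separates the two classes completely.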

Probe layer

A probe attack is one in which a hacker scans a machine to determine weaknesses or vulnerabilities that may later be exploited.

This layer detects a user who scans the machine to check for its vulnerabilities.

Examples of probe attacks are saint, portsweep and mscan.

DoS (Denial of Service) layer

A DoS attack is one in which a hacker makes computing or memory resources too busy or too full to serve legitimate networking requests.

This layer detects a user who makes the resource busy.

Examples of DoS attacks are smurf, neptune, ping of death and mail bomb.

R2L (Remote to Local) layer

R2L attacks are among the most difficult to detect, as they involve both network-level and host-level features.

We therefore selected both network-level features, such as the “duration of connection” and “service requested”, and host-level features, such as the “number of failed login attempts”, among others, for detecting R2L attacks.

Examples of R2L attacks are xlock, xsnoop, guest, phf, sendmail and dictionary.

U2R (User to Root) layer

A U2R attack is one in which hackers try to use superuser privileges to abuse a vulnerability in the system.

This layer detects users who try to use superuser privileges.

Examples of U2R attacks are perl and xterm.

PROJECT CONCEPT

SNAPSHOTS

This is the server side where the information about the intruder is displayed

Page 14: Project PPT

This is the user registration at the server side

Page 15: Project PPT

This is the login for the user

Page 16: Project PPT

When any user entering the wrong username & password the server side will display the information

ADVANTAGES

Monitors the operation of firewalls, routers, key management servers and files critical to other security mechanisms

Allows the administrator to tune, organize and comprehend often incomprehensible operating system audit trails and other logs

Can make the security management of systems by non-expert staff possible by providing a user-friendly interface

Comes with an extensive attack signature database against which information from the customer's system can be matched

Can recognize and report alterations to data files


APPLICATION

FOR SYSTEM ADMINISTRATOR

EDUCATIONAL INSTITUTES

CORPORATE OFFICES
