intrusion tolerant ids
play

Intrusion Tolerant IDS James Riordan Marc Dacier Dominique - PowerPoint PPT Presentation

Mar 13, 2023 •217 likes •366 views

Intrusion Tolerant IDS James Riordan Marc Dacier Dominique Alessandri Andreas Wespi IBM Forschungslaboratorium R uschlikon, Switzerland 19 June 2001 1 MAFTIA A European project whose aim is to develop: Malicious- and Accidental-

  1. Intrusion Tolerant IDS James Riordan Marc Dacier Dominique Alessandri Andreas Wespi IBM Forschungslaboratorium R¨ uschlikon, Switzerland 19 June 2001

  2. 1 MAFTIA A European project whose aim is to develop: Malicious- and Accidental- Fault Tolerance for Internet Applications In short: apply and develop dependability methods with respect to a malicious fault model.

  3. 2 Maftia Details Maftia is a three year project with partners: • University of Newcastle (UK) • Universidade de Lisboa (P) • DERA, Malvern (UK) • Saarland University (D) • LAAS-CNRS, Toulouse (F) • IBM, Zurich (CH)

  4. 10 What is Intrusion Detection? Intrusion Detection concerns the set of practices and mechanisms used towards detecting security errors and failures and diagnosing intrusions and attacks. That is to say that ID is error detection and fault diagnosis with respect to a malicious fault model.

  5. 12 IDS and MAFTIA Three addressed views of IDS and MAFTIA: • How does the Intrusion Detection System help provide dependability for the entire system? √ • How does one build a dependable Intrusion Detection System? • Do the other dependable components help for the In- trusion Detection System? ×

  6. 21 Fault Injection Fault Injection against Attack Analysis Accidental misconfiguration Engine Coarse scale attacks Indications Target Sensor IDS

  7. 22 Redundant Monitoring Activity A−Sensor Target A−Sensor Analysis B−Sensor

  8. 23 Differential Observation Compare snap shots Of networks and machines • NSA • nmap • Tripwire

  9. 25 Integration with Security Scanners Integrate IDS with security scanner towards • Reduction of false positives • Greater context for true positives • Fault injection √ • Differential observation √

  10. 17 Channels Sender Receiver Sender Receiver Sender Filter Receiver Sender Receiver

  11. 18 Channels May be subject to event: • Deletion • Insertion • Alteration We need integrity, authenticity, QoS, and liveness.

  12. 19 Channels So we can add to an event stream { E i } : • Hash chaining C i = H ( C i − 1 , E i ) • Authentication codes C i = H ( S, C i − 1 , E i ) • Heart beat do { sleep 60; log "beep"; }

  13. 26 Conclusion Dependability methods provide valuable insights into effective Intrusion Detection

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

An Intrusion Tolerant Threshold Cryptographic System Kamran Riaz Khan

An Intrusion Tolerant Threshold Cryptographic System Kamran Riaz Khan

Outline Problem Statement Proposed Solution Project Goals Deliverables Related Work References Questions An Intrusion Tolerant Threshold Cryptographic System Kamran Riaz Khan <krkhan@inspirated.com> March 2, 2010 Kamran Riaz Khan

970 views • 93 slides
From Byzantine-Tolerant to Intrusion-Safe Services Christian Cachin IBM Zurich Research

From Byzantine-Tolerant to Intrusion-Safe Services Christian Cachin IBM Zurich Research

From Byzantine-Tolerant to Intrusion-Safe Services Christian Cachin IBM Zurich Research Laboratory & LPD, EPFL With Idit Keidar and Alexander Shraer 22 September 2009 Overview BFT services Are f < n/3 faults realistic?

389 views • 19 slides
ATTACK-AWARENESS FOR SPIRE (INTRUSION-TOLERANT SCADA) Tiger Gao, Dan Qian, Elaine Wong, &

ATTACK-AWARENESS FOR SPIRE (INTRUSION-TOLERANT SCADA) Tiger Gao, Dan Qian, Elaine Wong, &

ATTACK-AWARENESS FOR SPIRE (INTRUSION-TOLERANT SCADA) Tiger Gao, Dan Qian, Elaine Wong, & Jason Wong 1. BACKGROUND What is Spire? What is SCADA? What is SCADA? Supervisory Control and Data Acquisition Allows for centralized

530 views • 18 slides
Press intrusion. Identifying similar words with different connotations What is press intrusion?

Press intrusion. Identifying similar words with different connotations What is press intrusion?

Topic 12: Press intrusion. Identifying similar words with different connotations What is press intrusion? Press intrusion is an issue which has many stances, often depending on whether you are a member of the press or have been on the receiving

602 views • 9 slides
Styles of Intrusion Detection Misuse intrusion detection Try to detect things known to be

Styles of Intrusion Detection Misuse intrusion detection Try to detect things known to be

Styles of Intrusion Detection Misuse intrusion detection Try to detect things known to be bad Anomaly intrusion detection Try to detect deviations from normal behavior Specification intrusion detection Try to detect

627 views • 15 slides
Intrusion Detection Principles Basics Models of Intrusion Detection

Intrusion Detection Principles Basics Models of Intrusion Detection

Intrusion Detection Principles Basics Models of Intrusion Detection Architecture of an IDS Architecture of an IDS Organization Incident Response Slide #22-1 FEARLESS engineering Principles of Intrusion Detection

744 views • 40 slides
Delay and Disruption Tolerant Networks An Overview NASA through the Delay Tolerant Network

Delay and Disruption Tolerant Networks An Overview NASA through the Delay Tolerant Network

Delay and Disruption Tolerant Networks An Overview NASA through the Delay Tolerant Network Research Group (DTNRG) DTNRG members research aspects of delay-tolerant networking in a number of ways including academic publications, technical

1.03k views • 43 slides
Intrusion Detection System Amir Hossein Payberah payberah@yahoo.com 1 Contents Intrusion

Intrusion Detection System Amir Hossein Payberah payberah@yahoo.com 1 Contents Intrusion

Intrusion Detection System Amir Hossein Payberah payberah@yahoo.com 1 Contents Intrusion Detection Systems Tripwire Snort 2 IDS (Definition) Intrusion Detection is the process of monitoring the events occurring in a computer

571 views • 30 slides
Chapter 25: Intrusion Detection Principles Basics Models of Intrusion Detection

Chapter 25: Intrusion Detection Principles Basics Models of Intrusion Detection

Chapter 25: Intrusion Detection Principles Basics Models of Intrusion Detection Architecture of an IDS Organization Incident Response June 2, 2005 ECS 235, Computer and Information Slide #1 Security Principles of

1.38k views • 104 slides
THE VAPOR INTRUSION PATHWAY DANIEL G. GREENE, CPG MISCONCEPTIONS MISCONCEPTIONS VAPOR INTRUSION

THE VAPOR INTRUSION PATHWAY DANIEL G. GREENE, CPG MISCONCEPTIONS MISCONCEPTIONS VAPOR INTRUSION

engineers | scientists | architects | constructors THE VAPOR INTRUSION PATHWAY DANIEL G. GREENE, CPG MISCONCEPTIONS MISCONCEPTIONS VAPOR INTRUSION The migration of volatile chemical from the subsurface into overlying building (USEPA 2002)

585 views • 31 slides
Fault-tolerant techniques Fault-tolerant techniques What causes component faults? What are the

Fault-tolerant techniques Fault-tolerant techniques What causes component faults? What are the

EDA421/DIT171 - Parallel and Distributed Real-Time Systems, Chalmers/GU, 2011/2012 Lecture #14 Updated May 2, 2012 Fault-tolerant techniques Fault-tolerant techniques What causes component faults? What are the effects if the

374 views • 9 slides
Intrusion Detection W enke Lee Com puter Science Departm ent Colum bia University Intrusion and

Intrusion Detection W enke Lee Com puter Science Departm ent Colum bia University Intrusion and

Intrusion Detection W enke Lee Com puter Science Departm ent Colum bia University Intrusion and Computer Security Com puter security: confidentiality, integrity, and availability Intrusion: actions to com prom ise security W hy

1.09k views • 63 slides
FAULT-TOLERANT CONTROL Is it possible? JAN MACIEJOWSKI Fault- tolerant control. DPS09,

FAULT-TOLERANT CONTROL Is it possible? JAN MACIEJOWSKI Fault- tolerant control. DPS09,

FAULT-TOLERANT CONTROL Is it possible? JAN MACIEJOWSKI Fault- tolerant control. DPS09, Gdask Canonical Control Engineering Problem Disturbance Controlled output Set-point Filter Controller Plant Sensor Noise This problem is

639 views • 29 slides
Customizing and Evolving Intrusion Detection A static, globally useful intrusion detection

Customizing and Evolving Intrusion Detection A static, globally useful intrusion detection

Customizing and Evolving Intrusion Detection A static, globally useful intrusion detection solution is impossible Good behavior on one system is bad behavior on another Behaviors change and new vulnerabilities are discovered

700 views • 23 slides
Outline Introduction Intrusion Detection Characteristics of intrusion detection CS 239

Outline Introduction Intrusion Detection Characteristics of intrusion detection CS 239

Outline Introduction Intrusion Detection Characteristics of intrusion detection CS 239 systems Computer Software Some sample intrusion detection March 9, 2005 systems Lecture 15 Lecture 15 Page 1 Page 2 CS 239, Winter 2005

602 views • 12 slides
Outline Introduction Intrusion Detection Characteristics of intrusion detection CS 236

Outline Introduction Intrusion Detection Characteristics of intrusion detection CS 236

Outline Introduction Intrusion Detection Characteristics of intrusion detection CS 236 systems Computer Software Some sample intrusion detection March 12, 2007 systems Lecture 14 Lecture 14 Page 1 Page 2 CS 236, Winter 2007

537 views • 10 slides
On the security of security extensions for IP-based KNX networks Aljosha Judmayer

On the security of security extensions for IP-based KNX networks Aljosha Judmayer

On the security of security extensions for IP-based KNX networks Aljosha Judmayer ajudmayer@sba-research.org ajudmayer@auto.tuwien.ac.at On the security of security extensions for IP-based KNX networks 1 SBA Research P1.1: Risk Management

1.06k views • 51 slides
Design Automation for Cryptography Anupam Chattopadhyay Assistant Professor, School of Computer

Design Automation for Cryptography Anupam Chattopadhyay Assistant Professor, School of Computer

Design Automation for Cryptography Anupam Chattopadhyay Assistant Professor, School of Computer Science and Engineering School of Physical and Mathematical Sciences, Nanyang Technological University June 7, 2017 Motivation Security not a

669 views • 27 slides
Embedded System Security Professor Patrick McDaniel Charles Sestito Fall 2015 Embedded System

Embedded System Security Professor Patrick McDaniel Charles Sestito Fall 2015 Embedded System

Embedded System Security Professor Patrick McDaniel Charles Sestito Fall 2015 Embedded System Microprocessor used as a component in a device and is designed for a specific control function within a device Used In: Cell Phones

560 views • 31 slides
SPAE A Single Pass Authenticated Encryption scheme Philippe Elbaz-Vincent 1 , Cyril Hugounenq 1 ,

SPAE A Single Pass Authenticated Encryption scheme Philippe Elbaz-Vincent 1 , Cyril Hugounenq 1 ,

Motivations Design of SPAE Security of the scheme Performances SPAE A Single Pass Authenticated Encryption scheme Philippe Elbaz-Vincent 1 , Cyril Hugounenq 1 , Sbastien Riou 2 1 Univ. Grenoble Alpes / Institut Fourier,

519 views • 27 slides
Bug Squashing with SQLsmith andreas.seltenreich@credativ.de October 25, 2018

Bug Squashing with SQLsmith andreas.seltenreich@credativ.de October 25, 2018

Bug Squashing with SQLsmith andreas.seltenreich@credativ.de October 25, 2018 andreas.seltenreich@credativ.de PGConf.EU 2018 1 / 32 Outline Motivation Testing Methodology Analysis of Bugs Uncovered Design Future Work

1.6k views • 37 slides
MSc in Computer Engineering, Cybersecurity and Artificial Intelligence, Fault Diagnosis and

MSc in Computer Engineering, Cybersecurity and Artificial Intelligence, Fault Diagnosis and

MSc in Computer Engineering, Cybersecurity and Artificial Intelligence, Fault Diagnosis and Estimation in Dynamical Systems (FDE), a.a. 2019/2020, Lecture 2 A brief review of analysis of continuous-time linear dynamical systems Prof. Mauro

591 views • 48 slides
Approaching Automation Necessary for introducing a task Prioritize automation steps based

Approaching Automation Necessary for introducing a task Prioritize automation steps based

Learning objectives Understand the main purposes of automating software analysis and testing Identify activities that can be fully or partially Automating Analysis and Test automated Understand cost and benefit trade-offs in

799 views • 12 slides
Can Secure architecture perform? Motivated by Yales talk Machine Learning and Quantum

Can Secure architecture perform? Motivated by Yales talk Machine Learning and Quantum

Can Secure architecture perform? Motivated by Yales talk Machine Learning and Quantum Computing; Is there anything else worth working on? ISCA, 2002 Avi Mendelson Technion, Israel avi.mendelson@technion.ac.il Agenda Intro and motivation

525 views • 18 slides

More recommend