2. Intruder Detection
Intruder detection is the art of detecting the intruders
behind attacks as unique persons. This technique tries to
identify the person behind an attack by analyzing their
computational behavior.
3. Need for Intruder Detection
Determining whether an intruder has
gained or has attempted to gain
unauthorized access to the system
Two groups of intruders:
External
Internal
4. Some Techniques
Keystroke Dynamics
Commands Used
Command Sequence
IP Address Used
ISP
Country, City
Ports Used
5. Keystroke Dynamics
Keystroke dynamics is paramount among intruder detection
techniques because it is the only parameter that has been
classified as a real 'behavioural biometric pattern'.
Keystroke dynamics analyzes the times between keystrokes
issued on a computer keyboard or cellular phone keypad,
searching for patterns. The first techniques used statistics and
probability concepts such as 'standard deviation' and
'mean'; later approaches use data mining, neural
networks, support vector machines, etc.
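The mean and standard-deviation approach mentioned above, as an added example that is not part of the original slides: it enrolls a typist from a few samples and scores a new sample by how many key-pair latencies fall within k standard deviations of the enrolled mean. The function names, the word "login", the timings, k = 2 and the 1 ms floor on the deviation are all assumptions made for illustration.

```python
from statistics import mean, stdev

def typed(word, gaps_ms):
    """Build (key, press_time_ms) events from a word and its inter-key gaps."""
    t, events = 0, [(word[0], 0)]
    for ch, gap in zip(word[1:], gaps_ms):
        t += gap
        events.append((ch, t))
    return events

def latencies(events):
    """Return (digraph, latency_ms) for each pair of consecutive key presses."""
    return [(a[0] + b[0], b[1] - a[1]) for a, b in zip(events, events[1:])]

def build_profile(samples):
    """Per-digraph mean and standard deviation over the enrollment samples."""
    seen = {}
    for events in samples:
        for digraph, lat in latencies(events):
            seen.setdefault(digraph, []).append(lat)
    # stdev needs at least two observations per digraph
    return {d: (mean(v), stdev(v)) for d, v in seen.items() if len(v) >= 2}

def score(profile, events, k=2.0, min_sigma=1.0):
    """Fraction of profiled digraphs typed within k standard deviations of the mean."""
    hits = total = 0
    for digraph, lat in latencies(events):
        if digraph not in profile:
            continue  # never enrolled: no evidence either way
        mu, sigma = profile[digraph]
        total += 1
        # min_sigma (assumed floor) keeps a very consistent typist from being rejected
        hits += abs(lat - mu) <= k * max(sigma, min_sigma)
    return hits / total if total else 0.0

# Constructed sample timings (milliseconds) for the word "login"
ENROLL = [typed("login", g) for g in ([120, 95, 140, 110],
                                      [130, 90, 150, 105],
                                      [115, 100, 135, 120])]
GENUINE = typed("login", [125, 93, 142, 112])   # same rhythm as enrollment
OTHER = typed("login", [210, 60, 220, 180])     # different rhythm
PROFILE = build_profile(ENROLL)

if __name__ == "__main__":
    print("genuine:", score(PROFILE, GENUINE))
    print("other:  ", score(PROFILE, OTHER))
```

A score near 1 means the sample matches the enrolled rhythm; a sample that shares no digraphs with the profile scores 0 because there is nothing to compare.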
6. Intruder Detection System
First became needed in the late 70s
Originally used with single systems
OS produced audit records that were
processed by the IDS
IDS has expanded to distributed
systems and networks
7. Intruder Prevention
Requiring passwords to be submitted
before users can access the system
Fixing or patching known
vulnerabilities
Blocking network access
Restricting physical access
Thanks