SlideShare a Scribd company logo

DIDS and AppIDS

Hitesh Mohapatra
Hitesh Mohapatra

This presentation speaks on datbase IDS and Application Specific IDS

Engineering
1 of 41
Intrusion Detection Systems Lecture #6 Application-Specific and Database Intrusion Detection
Introduction • Existing work on intrusion detection have mainly focused on network intrusion and host-based attacks • The earliest proposals for intrusion detection were based on the use of audit data from the host being monitored • Audit data is provided by the operating system or other applications running in the host • Host based intrusion detection (HIDS) is performed at the operating system level by comparing expected and observed system resource usage 12/6/2017 Hitesh Mohapatra Ph.D 2
Introduction • Network intrusion detection systems (NIDSs) observe the network traffic that goes to and from the systems being monitored • NIDSs are positioned at various points in a network to detect any attack on the hosts of that network • To capture most of the data passing through the network, we need to position the IDS at the entry and exit point of the network to the outside world • Some more IDSs may also be placed in the internal network, depending on the level of security needed • This approach has the advantage is that even a single and properly placed NIDS can monitor a number of hosts 12/6/2017 Hitesh Mohapatra Ph.D 3
Limitations of HIDSs • The information sources for HIDSs reside on the host, that is targeted by attackers. So, the IDS itself may be attacked and thereby disabled during the attack • In addition, HIDSs require resources of the host to operate and are harder to manage as information must be configured and managed for every host individually • An HIDS can only be trusted up to the point till the system/host is not compromised: – A secure logging mechanism is necessary to prevent logs from being erased if the attacker compromises the machine – An attacker obtaining super user privilege on the host can disable the HIDS – HIDS may become ineffective during DoS attacks 12/6/2017 4Hitesh Mohapatra Ph.D
Limitations of NIDSs • Cannot see attacks arriving over a path that does not traverse the network segment being monitored • Cannot observe actions that occur inside a host (miss local attacks) • Use of encryption mechanisms during transmission make NIDSs ineffective because they cannot examine the contents of encrypted communications 12/6/2017 5Hitesh Mohapatra Ph.D
Database IDS (DIDS) • Organizations use Data Base Management Systems (DBMS) as the main data management technology for storing and accessing information • Ability to access information and carry out on-line transactions from anywhere using the Internet and web- based applications increases the chances of attacks on database systems • It is found that 75% of the attacks on the Web occur at the application level • Concern regarding the security of databases has thus become more crucial in all information infrastructures 12/6/2017 Hitesh Mohapatra Ph.D 6
Database IDS (DIDS) • Traditional database security mechanisms provide security features such as authentication, authorization, access control, data encryption and auditing • Despite the use of such prevention-based security mechanisms for enforcing organizational security, they are not sufficient for protection of data against syntactically correct but semantically damaging transactions • Moreover, in databases, some of the attributes are more sensitive to malicious modifications as compared to others • The development of an effective DIDS is essential for protecting sensitive and confidential (proprietary) information stored in DBMSs 12/6/2017 Hitesh Mohapatra Ph.D 7
Application-Specific IDS (AppIDS) • AppIDS detect intrusions more accurately in context of the application by considering the semantics (domain knowledge) of the application and various application- specific rules • This type of IDS uses a large number of domain related attributes for profile building which makes the profile difficult to be guessed by the outside intruders as well as by the insiders • Intrusion detection is required at the application level for facilitating accurate detection of frauds in specific domains like credit card payment system, mobile communication networks, medical/automobile insurance, etc. 12/6/2017 Hitesh Mohapatra Ph.D 8
Requirements of Application-Specific (AppIDS) and Database IDS (DIDS) • At the level of database, a file has an inherent structure which is subdivided into tables, rows and columns • HIDSs and NIDSs cannot detect changes to the structure or rows of the tables – For example, if data is stored in a file, then the OS level IDS can only determine whether or not the file as a whole has changed. It cannot identify any malicious updates/deletes made to attributes/records of the file • A DIDS/AppIDS can identify database level changes easily and thus are able to detect more critical attacks such as those carried out by internal intruders 12/6/2017 Hitesh Mohapatra Ph.D 9
Database IDS (DIDS) • The attributes corresponding to a single transaction are known as intra-transactional (Eg. query type, accessed table name(s), accessed attribute name(s), transaction location and transaction time, etc.) • Attributes related to multiple transactions are called inter- transactional (Eg. which types of queries are invoked after which types of queries, which tables/attributes are accessed after which tables/attributes, time gap between successive transactions by the same user, etc.) • An IDS which detects intrusion only based on intra- transactional features like cannot identify the attacks in which the individual transactions are quite similar to that of normal transactions • When an attacker requests multiple transactions, it is possible to identify inter-transactional deviation 12/6/2017 10Hitesh Mohapatra Ph.D
CASE STUDY OF AN APPIDS: CREDIT CARD FRAUD DETECTION SYSTEM 12/6/2017 Hitesh Mohapatra Ph.D 11
Credit Card Fraud Detection System • Specific application of Intrusion Detection System • Fraudulent transactions on credit cards is a common problem especially with respect to online transactions • Thieves obtain card numbers by shoulder surfing, packet intercepting, database stealing, etc. • The problem is expected to multiply many-folds in the future 12/6/2017 12Hitesh Mohapatra Ph.D
Types of Credit Card Purchases • Credit card purchases can be done in two ways: – Physical card purchases: Cardholder presents his card physically to a merchant for making a payment – Virtual card purchases: Only some important information about a card (card number, name on card, expiration date, secure code, etc.) is required to be entered for making the payment which are done on the Internet or over phone 12/6/2017 Hitesh Mohapatra Ph.D 13
Types of Credit Card Fraud • According to the type of purchase, credit card frauds can be categorized into two types: 1) Physical Card Fraud: – To carry out fraudulent transactions in this kind of purchase, an attacker has to steal or clone the credit card – If the cardholder does not realize the loss of card, it can lead to a substantial financial loss to the credit card company 2) Virtual Card Fraud: – To commit fraud in these types of purchases, a fraudster requires to know the card details – The genuine cardholder may not aware that someone else has seen or stolen his card information – The only way to detect this kind of fraud is to analyze the spending patterns on every card and to figure out any inconsistency with respect to the “normal” spending patterns (profile) 12/6/2017 Hitesh Mohapatra Ph.D 14
15 Credit Card Fraud Detection • Credit card fraud detection is a specific application of intrusion detection in databases • Credit card fraud is increasing rapidly resulting in loss of billions of dollars every year • Effective technologies are required to detect fraud in order to maintain the viability of the payment system • Usually, every cardholder has a certain shopping behavior which establishes an activity/normal profile for him/her 12/6/2017 Hitesh Mohapatra Ph.D
16 Credit Card Fraud Detection • As a result of personal needs or seasonal needs, patterns of legitimate behavior may change over time • Systems that cannot “evolve” or “learn” soon become outdated resulting in large number of false alarms • The fraudster can also attempt new types of attacks so as to bypass the Credit Card Fraud Detection System (CCFDS) • Thus, there is a need for developing a CCFDS which can: – Combine multiple evidences including patterns of genuine cardholders as well as fraudsters – Adapt to the change of spending patterns of cardholders 12/6/2017 Hitesh Mohapatra Ph.D
Challenges in Credit card Fraud Detection • Orders could be shipped to a different address than the billing address (normally while gifting to someone) • Orders could be shipped to a single address but made on multiple cards • The genuine transactions could be interspersed with the fraudulent transactions • Number of fraudulent transactions is quite less as compared to the volume of genuine transactions (class imbalance problem) • The company incurs a finite cost in the event of check back (manual confirmation with actual cardholder) • The customer may not be always contactable 12/6/2017 17Hitesh Mohapatra Ph.D
Limitations of Existing CCFDS • Existing approaches on CCFD are either anomaly or misuse-based systems • Anomaly-based FDSs raise large number of false alarms and misuse-based FDSs cannot detect new fraud patterns: – Deviation in access behavior of genuine cardholders due to special requirements raise false alarms (Anomaly CCFDS) – New fraud types that the detection system is not aware of, mostly go undetected (Misuse CCFDS) • Objective: A hybrid CCFD model that integrates the advantages of both anomaly and misuse-based systems so as to achieve high detection rate along with minimized false alarms 1812/6/2017 Hitesh Mohapatra Ph.D
19 Case Study: Credit Card Fraud Detection • Suvasini Panigrahi, Amaln Kundu, Shamik Sural and A. K. Majumdar, “Credit Card Fraud Detection: A Fusion Approach using Dempster-Shafer Theory and Bayesian Learning”, Information Fusion (Special Issue on Information Fusion in Computer Security), Elsevier, Vol. 10, No. 4, Pages 354-363, 2009 12/6/2017 Hitesh Mohapatra Ph.D
Case Study: Credit Card Fraud Detection • The basic idea of our approach is that: – Fraudsters are usually not completely familiar with the cardholder’s normal spending profile – Their aim is to gain maximum profit in a limited amount of time before they get caught • Transactions carried out by a fraudster usually show some deviation in terms of transaction amount as well as time gap between successive transactions (carrying out high value transactions frequently), which needs to be captured by our CCFDS 12/6/2017 Hitesh Mohapatra Ph.D 20
21 Proposed CCFD System • We have proposed a two-stage CCFDS that combines evidences from: – Cardholder’s current activity patterns (First Stage) – Cardholder’s past transaction profile as well as the history of fraudulent activities available to the card issuing bank (Second Stage) • The evidences are combined using the Dempster-Shafer theory and an initial belief (P(h)) is computed • An incoming transaction is classified as genuine, fraudulent or suspicious depending on the value of P(h) 12/6/2017 Hitesh Mohapatra Ph.D
Proposed CCFD System • Two preset threshold values lower threshold (ѲLT) and upper threshold (ѲUT) are determined experimentally are used for taking decision about an incoming transaction • If a transaction is determined to be genuine or fraudulent, it is not processed further • If a transaction is found to be suspicious, the initial belief is updated using Bayesian learning based on additional evidence obtained from transaction history databases • Proposed CCFDS integrates anomaly detection and misuse detection techniques to improve the accuracy of the system 12/6/2017 Hitesh Mohapatra Ph.D 22
Proposed CCFD System • To meet the required functionality, the proposed CCFDS is designed with the following four components:  Rule-based Filter (RBF)  Dempster-Shafer Adder (D-S Adder)  Transaction History Database (THD)  Bayesian Learner (BL) 12/6/2017 Hitesh Mohapatra Ph.D 23
24 Rule-Based Filter • Generic and customer-specific rules are used to monitor behavioral patterns of a cardholder • Each Rule Ri measures intrusiveness of a transaction by assigning basic probabilities mi(h) • The current model uses two rule-based techniques at this component: – Address Mismatch – Outlier Detection 12/6/2017 Hitesh Mohapatra Ph.D
Rule-Based Filter 1) Address Mismatch(R1): • Orders could be shipped to a different address (shipping address) than the billing address • A transaction that clears this check can be classified as genuine with very high probability • The transactions that violate this check are labeled as suspect 2) Outlier Detection(R2): • A fraudster is likely to deviate from the customer’s profile, his transactions can thus be detected as outliers • We have used DBSCAN (Density Based Spatial Clustering of Applications with Noise) [3] algorithm to filter out outliers • Any transaction detected as an outlier gives evidence that it could be fraudulent 2512/6/2017 Hitesh Mohapatra Ph.D
26 Rule-Based Filter • In the current work, we have used “transaction amount” as an attribute for detecting outliers • The rule-based filter is essential since it separates out most of the genuine transactions so that the FDS do not have to unnecessarily investigate millions of regular legitimate transactions • This component is kept flexible so that new rules can always be added according to existing trends, further enriching its functionality 12/6/2017 Hitesh Mohapatra Ph.D
27 D-S Adder • The role of the D-S adder is to combine evidences from the rules R1 and R2 at the RBF in order to compute the initial belief P(h) for each transaction • The D-S adder uses the Dempster-Shafer theory (D-S theory) of evidence to combine information • The D-S theory assumes a Universe of Discourse U, also called Frame of Discernment, which is a set of mutually exclusive and exhaustive possibilities 12/6/2017 Hitesh Mohapatra Ph.D
28 D-S Adder • For every incoming transaction, the rules R1 and R2 share their independent observations about the behavior of the transaction • The observations are combined to form a decision about the transaction’s genuineness • Two basic probability assignments m1(h) and m2(h) are combined into a third basic probability assignment m(h) by the Dempster’s rule for combination as follows:       yx hyx ymxm ymxm hmhmhmhP )(*)(1 )(*)( )()()()( 21 21 21 12/6/2017 Hitesh Mohapatra Ph.D
29 D-S Adder • For the credit card fraud detection problem, U consists of two possible values for any suspected transaction: U = {fraud, ¬fraud} • For this U, the power set has three possible elements: h = {fraud} Transaction is fraudulent (Fraud) = {¬fraud} Transaction is not fraudulent (Genuine) (h, ) => Transaction is either fraudulent or genuine (Suspicious) h 12/6/2017 Hitesh Mohapatra Ph.D h
First Stage Decision Making Decision making occurs in two stages in the proposed system First level inferences are made based on the initial belief  If initial belief < lower threshold (ѲLT), transaction is genuine  If initial belief > upper threshold (ѲUT), transaction is fraudulent  If lower threshold ≤ initial belief ≤ upper threshold, transaction is suspicious 12/6/2017 Hitesh Mohapatra Ph.D 30
Transaction History Databases (THD) For tracking suspicious transactions, two transaction history databases are built: • Good Transaction History (GTH) – from customer’s past behavior (customer specific) • Fraud Transaction History (FTH) – from different types of past fraudulent data (generic) Past spending behavior is observed in terms of frequency of transactions in a specific time gap 12/6/2017 Hitesh Mohapatra Ph.D 31
Transaction History Databases • Transaction gap is divided into four mutually exclusive and exhaustive events - D1, D2, D3 and D4 • Occurrence of each event (transaction) depends on the time since last purchase (transaction gap ρ) on any particular card 3212/6/2017 Hitesh Mohapatra Ph.D
Transaction History Databases • Conditional probabilities (evidence) and are determined from the transaction history databases FTH and GTH respectively: • We have created two look-up tables FFT (Fraud Frequency Table) and GFT (Good Frequency Table) to maintain the values of the conditional probabilities 12/6/2017 Hitesh Mohapatra Ph.D 33
Bayesian Learning  The general idea of belief revision is that, whenever new information becomes available, it may require updating of prior beliefs  The prior/initial belief P(h) can be updated by using Bayes’ Rule after getting the new information Di from the THD  Posterior belief (P(h| Di)) of a suspicious transaction is computed using Bayesian learning based on evidence from THD 3412/6/2017 Hitesh Mohapatra Ph.D
Bayesian Learning • The goal of Bayesian learning is to find the most probable hypothesis hmap given the training data (Maximum A Posteriori Hypothesis) • Depending on which of the posterior values is greater, the future actions are decided by the FDS 12/6/2017 Hitesh Mohapatra Ph.D 35
Second Stage Decision Making • Suspicion score (ψ) of transaction is updated by combining its posterior belief and initial belief • For the first suspicious transaction on a card, suspicion score is same as its initial belief • Final decision is made about the transaction according to its suspicion score 3612/6/2017 Hitesh Mohapatra Ph.D
Initial Belief Analysis FFTFTH (Generic) TRANSACTION HISTORY DATABASE P(h) Genuine/Fraudulent suspect table Suspicious BPA_R1, BPA_R2 Incoming Transaction T on card Ck )|(),|( EhPEhP P(h) Suspicion Score Analysis D-S ADDER BAYESIAN LEARNER D-S ADDER RULE-BASED FILTER Genuine/Fraudulent Event E occurs Ck, P(Ck) )RoundLast(  GTH (User specific) GFT )|(),|( hEPhEP )RoundCurrent( UTLT  , UTLT  , Flow of Events in the Proposed CCFD System 3712/6/2017 Hitesh Mohapatra Ph.D
Mobile Telecommunication Fraud Detection • Extension of the proposed approach was developed with new features such as “transaction type” for fraud detection in mobile communication networks by considering the domain- related issues and also including the various application- specific changes [4] – Suvasini Panigrahi, Amaln Kundu, Shamik Sural and A. K. Majumdar, “Use of Dempster-Shafer Theory and Bayesian Inferencing for Fraud Detection in Mobile Communication Networks”, Lecture Notes in Computer Science (LNCS-4586), Springer Verlag, Australasian Conference on Information Security and Privacy (ACISP), Townsville, Queensland, Australia, Pages 446-460, 2007 12/6/2017 Hitesh Mohapatra Ph.D 38
Database Intrusion Detection • Generalization of the proposed approach for intrusion detection in databases by applying an extension of Dempster-Shafer theory and Bayesian inferencing • Sensitivity of attributes is also taken into consideration for tracking against malicious modifications – Published in • IEEE Symposium on Computational Intelligence in Cyber Security (CICS 2009) [5] • Information Systems Frontiers (Special Issue on Security Management and Technologies for Protecting Against Internal Data Leakages), Springer, 2010 [6] 12/6/2017 Hitesh Mohapatra Ph.D 39
40 References 1. A. C. Murray, “The Threat From Within, Network Computing”, URL – http://www.networkcomputing.com/data-protection/the-threat-from- within/229616352, August 2005 2. Suvasini Panigrahi, Amaln Kundu, Shamik Sural and A. K. Majumdar, “Credit Card Fraud Detection: A Fusion Approach using Dempster- Shafer Theory and Bayesian Learning”, Information Fusion (Special Issue on Information Fusion in Computer Security), Elsevier, Vol. 10, No. 4, Pages 354-363, 2009 3. M. Ester, H. P. Kriegel, J. Sander and X. Xu, “A Density-Based Algorithm for Discovering Clusters in Large Spatial Databases with Noise”, In Proceedings of the 2nd International Conference on Knowledge Discovery and Data Mining (KDD),Pages: 226-231, 1996 12/6/2017 Hitesh Mohapatra Ph.D
References 4. Suvasini Panigrahi, Amaln Kundu, Shamik Sural and A. K. Majumdar, “Use of Dempster-Shafer Theory and Bayesian Inferencing for Fraud Detection in Mobile Communication Networks”, Lecture Notes in Computer Science (LNCS-4586), Springer Verlag, Australasian Conference on Information Security and Privacy (ACISP), Townsville, Queensland, Australia, Pages 446-460, 2007 5. Suvasini Panigrahi, Shamik Sural and A. K. Majumdar, “Detection of Intrusive Activity in Databases by Combining Multiple Evidences and Belief Update”, IEEE Symposium on Computational Intelligence in Cyber Security (CICS 2009), Nashville, Tennessee, USA, Pages 83-90, 2009 6. Suvasini Panigrahi, Shamik Sural and A. K. Majumdar, “Two-Stage Database Intrusion Detection by Combining Multiple Evidence and Belief Update”, Information Systems Frontiers (Special Issue on Security Management and Technologies for Protecting Against Internal Data Leakages), Springer, DOI: 10.1007/s10796-010-9252-2, Pages 1-19, Online First 11th August 2010 12/6/2017 Hitesh Mohapatra Ph.D 41

Recommended

PCI Scope Reduction Using Tokenization for Security Assessors (QSA, ISA)
PCI Scope Reduction Using Tokenization for Security Assessors (QSA, ISA)PCI Scope Reduction Using Tokenization for Security Assessors (QSA, ISA)
PCI Scope Reduction Using Tokenization for Security Assessors (QSA, ISA)TokenEx
 
Best Practices for PCI Scope Reduction - TokenEx & Kyte
Best Practices for PCI Scope Reduction - TokenEx & KyteBest Practices for PCI Scope Reduction - TokenEx & Kyte
Best Practices for PCI Scope Reduction - TokenEx & KyteTokenEx
 
Logs in Security and Compliance flare
Logs in Security and Compliance flareLogs in Security and Compliance flare
Logs in Security and Compliance flarezilberberg
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
Identity theft and data responsibilities
Identity theft and data responsibilitiesIdentity theft and data responsibilities
Identity theft and data responsibilitiesPeter Henley
 
A Study on Applications of Blockchain
A Study on Applications of BlockchainA Study on Applications of Blockchain
A Study on Applications of Blockchainijtsrd
 
Mass Information Security Requirements January 2010
Mass Information Security Requirements January 2010Mass Information Security Requirements January 2010
Mass Information Security Requirements January 2010madamseane
 
Attacks on Point-of-Sales Systems | RapidSSLonline
Attacks on Point-of-Sales Systems | RapidSSLonlineAttacks on Point-of-Sales Systems | RapidSSLonline
Attacks on Point-of-Sales Systems | RapidSSLonlineRapidSSLOnline.com
 

Recommended

PCI Scope Reduction Using Tokenization for Security Assessors (QSA, ISA)
PCI Scope Reduction Using Tokenization for Security Assessors (QSA, ISA)PCI Scope Reduction Using Tokenization for Security Assessors (QSA, ISA)
PCI Scope Reduction Using Tokenization for Security Assessors (QSA, ISA)TokenEx
 
Best Practices for PCI Scope Reduction - TokenEx & Kyte
Best Practices for PCI Scope Reduction - TokenEx & KyteBest Practices for PCI Scope Reduction - TokenEx & Kyte
Best Practices for PCI Scope Reduction - TokenEx & KyteTokenEx
 
Logs in Security and Compliance flare
Logs in Security and Compliance flareLogs in Security and Compliance flare
Logs in Security and Compliance flarezilberberg
 
International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)International Journal of Engineering Research and Development (IJERD)
International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
Identity theft and data responsibilities
Identity theft and data responsibilitiesIdentity theft and data responsibilities
Identity theft and data responsibilitiesPeter Henley
 
A Study on Applications of Blockchain
A Study on Applications of BlockchainA Study on Applications of Blockchain
A Study on Applications of Blockchainijtsrd
 
Mass Information Security Requirements January 2010
Mass Information Security Requirements January 2010Mass Information Security Requirements January 2010
Mass Information Security Requirements January 2010madamseane
 
Attacks on Point-of-Sales Systems | RapidSSLonline
Attacks on Point-of-Sales Systems | RapidSSLonlineAttacks on Point-of-Sales Systems | RapidSSLonline
Attacks on Point-of-Sales Systems | RapidSSLonlineRapidSSLOnline.com
 
Security Ecosystem of Digital Wallets
Security Ecosystem of Digital Wallets Security Ecosystem of Digital Wallets
Security Ecosystem of Digital Wallets Saumya Vishnoi
 
Bright talk ai_deep_learning_banks copy
Bright talk ai_deep_learning_banks copyBright talk ai_deep_learning_banks copy
Bright talk ai_deep_learning_banks copyBhagvan Kommadi
 
1. PCI Compliance Overview
1. PCI Compliance Overview1. PCI Compliance Overview
1. PCI Compliance Overviewokrantz
 
PCI-DSS_Overview
PCI-DSS_OverviewPCI-DSS_Overview
PCI-DSS_Overviewsameh Abulfotooh
 
Critical Security And Compliance Issues In Internet Banking
Critical Security And Compliance Issues In Internet BankingCritical Security And Compliance Issues In Internet Banking
Critical Security And Compliance Issues In Internet BankingThomas Donofrio
 
IT Controls Presentation
IT Controls PresentationIT Controls Presentation
IT Controls PresentationBill Lisse
 
Pcidss qr gv3_1
Pcidss qr gv3_1Pcidss qr gv3_1
Pcidss qr gv3_1leon bonilla
 
Introduction to PCI DSS
Introduction to PCI DSSIntroduction to PCI DSS
Introduction to PCI DSSSaumya Vishnoi
 
Whitepaper Real Time Transaction Analysis And Fraudulent Transaction Detect...
Whitepaper Real Time Transaction Analysis And Fraudulent Transaction Detect...Whitepaper Real Time Transaction Analysis And Fraudulent Transaction Detect...
Whitepaper Real Time Transaction Analysis And Fraudulent Transaction Detect...Alan McSweeney
 
PCI DSS Compliance
PCI DSS CompliancePCI DSS Compliance
PCI DSS ComplianceSaumya Vishnoi
 
An Introduction to PCI Compliance on IBM Power Systems
An Introduction to PCI Compliance on IBM Power SystemsAn Introduction to PCI Compliance on IBM Power Systems
An Introduction to PCI Compliance on IBM Power SystemsHelpSystems
 
Threats
ThreatsThreats
ThreatsMentalist Akram
 
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...SafeNet
 
Moving to the Cloud: A Security and Hosting Introduction
Moving to the Cloud: A Security and Hosting IntroductionMoving to the Cloud: A Security and Hosting Introduction
Moving to the Cloud: A Security and Hosting IntroductionBlackbaud
 
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAINING
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAININGPCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAINING
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAININGhimalya sharma
 
Unlock Security Insight from Machine Data
Unlock Security Insight from Machine DataUnlock Security Insight from Machine Data
Unlock Security Insight from Machine DataNarudom Roongsiriwong, CISSP
 
3.7 HMIS: Ask the Experts
3.7 HMIS: Ask the Experts3.7 HMIS: Ask the Experts
3.7 HMIS: Ask the ExpertsNational Alliance to End Homelessness
 
Data Leakage Prevention
Data Leakage PreventionData Leakage Prevention
Data Leakage PreventionMicrosoft TechNet - Belgium and Luxembourg
 
Sgsits cyber securityworkshop_4mar2017
Sgsits cyber securityworkshop_4mar2017Sgsits cyber securityworkshop_4mar2017
Sgsits cyber securityworkshop_4mar2017Anil Jain
 
Critical Controls Might Have Prevented the Target Breach
Critical Controls Might Have Prevented the Target BreachCritical Controls Might Have Prevented the Target Breach
Critical Controls Might Have Prevented the Target BreachTeri Radichel
 
The Target Breach - Follow The Money EU
The Target Breach - Follow The Money EUThe Target Breach - Follow The Money EU
The Target Breach - Follow The Money EUResilient Systems
 
Unit-5.pptx
Unit-5.pptxUnit-5.pptx
Unit-5.pptxRoyBokhiriya
 

More Related Content

What's hot

Security Ecosystem of Digital Wallets
Security Ecosystem of Digital Wallets Security Ecosystem of Digital Wallets
Security Ecosystem of Digital Wallets Saumya Vishnoi
 
Bright talk ai_deep_learning_banks copy
Bright talk ai_deep_learning_banks copyBright talk ai_deep_learning_banks copy
Bright talk ai_deep_learning_banks copyBhagvan Kommadi
 
1. PCI Compliance Overview
1. PCI Compliance Overview1. PCI Compliance Overview
1. PCI Compliance Overviewokrantz
 
Critical Security And Compliance Issues In Internet Banking
Critical Security And Compliance Issues In Internet BankingCritical Security And Compliance Issues In Internet Banking
Critical Security And Compliance Issues In Internet BankingThomas Donofrio
 
IT Controls Presentation
IT Controls PresentationIT Controls Presentation
IT Controls PresentationBill Lisse
 
Introduction to PCI DSS
Introduction to PCI DSSIntroduction to PCI DSS
Introduction to PCI DSSSaumya Vishnoi
 
Whitepaper Real Time Transaction Analysis And Fraudulent Transaction Detect...
Whitepaper Real Time Transaction Analysis And Fraudulent Transaction Detect...Whitepaper Real Time Transaction Analysis And Fraudulent Transaction Detect...
Whitepaper Real Time Transaction Analysis And Fraudulent Transaction Detect...Alan McSweeney
 
An Introduction to PCI Compliance on IBM Power Systems
An Introduction to PCI Compliance on IBM Power SystemsAn Introduction to PCI Compliance on IBM Power Systems
An Introduction to PCI Compliance on IBM Power SystemsHelpSystems
 
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...SafeNet
 
Moving to the Cloud: A Security and Hosting Introduction
Moving to the Cloud: A Security and Hosting IntroductionMoving to the Cloud: A Security and Hosting Introduction
Moving to the Cloud: A Security and Hosting IntroductionBlackbaud
 
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAINING
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAININGPCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAINING
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAININGhimalya sharma
 
Sgsits cyber securityworkshop_4mar2017
Sgsits cyber securityworkshop_4mar2017Sgsits cyber securityworkshop_4mar2017
Sgsits cyber securityworkshop_4mar2017Anil Jain
 
Critical Controls Might Have Prevented the Target Breach
Critical Controls Might Have Prevented the Target BreachCritical Controls Might Have Prevented the Target Breach
Critical Controls Might Have Prevented the Target BreachTeri Radichel
 

What's hot (20)

Security Ecosystem of Digital Wallets
Security Ecosystem of Digital Wallets Security Ecosystem of Digital Wallets
Security Ecosystem of Digital Wallets
 
Bright talk ai_deep_learning_banks copy
Bright talk ai_deep_learning_banks copyBright talk ai_deep_learning_banks copy
Bright talk ai_deep_learning_banks copy
 
1. PCI Compliance Overview
1. PCI Compliance Overview1. PCI Compliance Overview
1. PCI Compliance Overview
 
PCI-DSS_Overview
PCI-DSS_OverviewPCI-DSS_Overview
PCI-DSS_Overview
 
Critical Security And Compliance Issues In Internet Banking
Critical Security And Compliance Issues In Internet BankingCritical Security And Compliance Issues In Internet Banking
Critical Security And Compliance Issues In Internet Banking
 
IT Controls Presentation
IT Controls PresentationIT Controls Presentation
IT Controls Presentation
 
Pcidss qr gv3_1
Pcidss qr gv3_1Pcidss qr gv3_1
Pcidss qr gv3_1
 
Introduction to PCI DSS
Introduction to PCI DSSIntroduction to PCI DSS
Introduction to PCI DSS
 
Whitepaper Real Time Transaction Analysis And Fraudulent Transaction Detect...
Whitepaper Real Time Transaction Analysis And Fraudulent Transaction Detect...Whitepaper Real Time Transaction Analysis And Fraudulent Transaction Detect...
Whitepaper Real Time Transaction Analysis And Fraudulent Transaction Detect...
 
PCI DSS Compliance
PCI DSS CompliancePCI DSS Compliance
PCI DSS Compliance
 
An Introduction to PCI Compliance on IBM Power Systems
An Introduction to PCI Compliance on IBM Power SystemsAn Introduction to PCI Compliance on IBM Power Systems
An Introduction to PCI Compliance on IBM Power Systems
 
Threats
ThreatsThreats
Threats
 
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
 
Moving to the Cloud: A Security and Hosting Introduction
Moving to the Cloud: A Security and Hosting IntroductionMoving to the Cloud: A Security and Hosting Introduction
Moving to the Cloud: A Security and Hosting Introduction
 
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAINING
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAININGPCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAINING
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAINING
 
Unlock Security Insight from Machine Data
Unlock Security Insight from Machine DataUnlock Security Insight from Machine Data
Unlock Security Insight from Machine Data
 
3.7 HMIS: Ask the Experts
3.7 HMIS: Ask the Experts3.7 HMIS: Ask the Experts
3.7 HMIS: Ask the Experts
 
Data Leakage Prevention
Data Leakage PreventionData Leakage Prevention
Data Leakage Prevention
 
Sgsits cyber securityworkshop_4mar2017
Sgsits cyber securityworkshop_4mar2017Sgsits cyber securityworkshop_4mar2017
Sgsits cyber securityworkshop_4mar2017
 
Critical Controls Might Have Prevented the Target Breach
Critical Controls Might Have Prevented the Target BreachCritical Controls Might Have Prevented the Target Breach
Critical Controls Might Have Prevented the Target Breach
 

Similar to DIDS and AppIDS

The Target Breach - Follow The Money EU
The Target Breach - Follow The Money EUThe Target Breach - Follow The Money EU
The Target Breach - Follow The Money EUResilient Systems
 
Intrusion detection system and intrusion prevention system
Intrusion detection system and intrusion prevention systemIntrusion detection system and intrusion prevention system
Intrusion detection system and intrusion prevention systemsalutiontechnology
 
GDPR Noncompliance: Avoid the Risk with Data Virtualization
GDPR Noncompliance: Avoid the Risk with Data VirtualizationGDPR Noncompliance: Avoid the Risk with Data Virtualization
GDPR Noncompliance: Avoid the Risk with Data VirtualizationDenodo
 
GDPR | Cyber security process resilience
GDPR | Cyber security process resilienceGDPR | Cyber security process resilience
GDPR | Cyber security process resilienceRishi Kant
 
Target data breach case study
Target data breach case studyTarget data breach case study
Target data breach case studyAbhilash vijayan
 
Computer Security: Principles of Information Security
Computer Security: Principles of Information SecurityComputer Security: Principles of Information Security
Computer Security: Principles of Information Securityelipanganiban15
 
A Survey on Various Data Mining Technique in Intrusion Detection System
A Survey on Various Data Mining Technique in Intrusion Detection SystemA Survey on Various Data Mining Technique in Intrusion Detection System
A Survey on Various Data Mining Technique in Intrusion Detection SystemIOSRjournaljce
 
PCI Compliance (for developers)
PCI Compliance (for developers)PCI Compliance (for developers)
PCI Compliance (for developers)Maksim Djackov
 
Hadoop and Financial Services
Hadoop and Financial ServicesHadoop and Financial Services
Hadoop and Financial ServicesCloudera, Inc.
 
apidays LIVE New York 2021 - Security Design Patterns that Protect Sensitive ...
apidays LIVE New York 2021 - Security Design Patterns that Protect Sensitive ...apidays LIVE New York 2021 - Security Design Patterns that Protect Sensitive ...
apidays LIVE New York 2021 - Security Design Patterns that Protect Sensitive ...apidays
 
Intrusion Detection Systems
Intrusion Detection SystemsIntrusion Detection Systems
Intrusion Detection Systemsvamsi_xmen
 
information security (Audit mechanism, intrusion detection, password manageme...
information security (Audit mechanism, intrusion detection, password manageme...information security (Audit mechanism, intrusion detection, password manageme...
information security (Audit mechanism, intrusion detection, password manageme...Zara Nawaz
 
Cloud-Based Big Data Analytics
Cloud-Based Big Data AnalyticsCloud-Based Big Data Analytics
Cloud-Based Big Data AnalyticsSateeshreddy N
 

Similar to DIDS and AppIDS (20)

The Target Breach - Follow The Money EU
The Target Breach - Follow The Money EUThe Target Breach - Follow The Money EU
The Target Breach - Follow The Money EU
 
Unit-5.pptx
Unit-5.pptxUnit-5.pptx
Unit-5.pptx
 
Intrusion detection system and intrusion prevention system
Intrusion detection system and intrusion prevention systemIntrusion detection system and intrusion prevention system
Intrusion detection system and intrusion prevention system
 
GDPR Noncompliance: Avoid the Risk with Data Virtualization
GDPR Noncompliance: Avoid the Risk with Data VirtualizationGDPR Noncompliance: Avoid the Risk with Data Virtualization
GDPR Noncompliance: Avoid the Risk with Data Virtualization
 
GDPR | Cyber security process resilience
GDPR | Cyber security process resilienceGDPR | Cyber security process resilience
GDPR | Cyber security process resilience
 
GDPR Part 1: Quick Facts
GDPR Part 1: Quick FactsGDPR Part 1: Quick Facts
GDPR Part 1: Quick Facts
 
Target data breach case study
Target data breach case studyTarget data breach case study
Target data breach case study
 
Computer Security: Principles of Information Security
Computer Security: Principles of Information SecurityComputer Security: Principles of Information Security
Computer Security: Principles of Information Security
 
A Survey on Various Data Mining Technique in Intrusion Detection System
A Survey on Various Data Mining Technique in Intrusion Detection SystemA Survey on Various Data Mining Technique in Intrusion Detection System
A Survey on Various Data Mining Technique in Intrusion Detection System
 
ch08.ppt
ch08.pptch08.ppt
ch08.ppt
 
PCI Compliance (for developers)
PCI Compliance (for developers)PCI Compliance (for developers)
PCI Compliance (for developers)
 
Introduction IDS
Introduction IDSIntroduction IDS
Introduction IDS
 
Hadoop and Financial Services
Hadoop and Financial ServicesHadoop and Financial Services
Hadoop and Financial Services
 
apidays LIVE New York 2021 - Security Design Patterns that Protect Sensitive ...
apidays LIVE New York 2021 - Security Design Patterns that Protect Sensitive ...apidays LIVE New York 2021 - Security Design Patterns that Protect Sensitive ...
apidays LIVE New York 2021 - Security Design Patterns that Protect Sensitive ...
 
Banks and cybersecurity v2
Banks and cybersecurity v2Banks and cybersecurity v2
Banks and cybersecurity v2
 
Banks and cybersecurity v2
Banks and cybersecurity v2Banks and cybersecurity v2
Banks and cybersecurity v2
 
Intrusion Detection Systems
Intrusion Detection SystemsIntrusion Detection Systems
Intrusion Detection Systems
 
information security (Audit mechanism, intrusion detection, password manageme...
information security (Audit mechanism, intrusion detection, password manageme...information security (Audit mechanism, intrusion detection, password manageme...
information security (Audit mechanism, intrusion detection, password manageme...
 
Cloud-Based Big Data Analytics
Cloud-Based Big Data AnalyticsCloud-Based Big Data Analytics
Cloud-Based Big Data Analytics
 
PCI-DSS for IDRBT
PCI-DSS for IDRBTPCI-DSS for IDRBT
PCI-DSS for IDRBT
 

More from Hitesh Mohapatra

Virtualization: A Key to Efficient Cloud Computing
Virtualization: A Key to Efficient Cloud ComputingVirtualization: A Key to Efficient Cloud Computing
Virtualization: A Key to Efficient Cloud ComputingHitesh Mohapatra
 
Automating the Cloud: A Deep Dive into Virtual Machine Provisioning
Automating the Cloud: A Deep Dive into Virtual Machine ProvisioningAutomating the Cloud: A Deep Dive into Virtual Machine Provisioning
Automating the Cloud: A Deep Dive into Virtual Machine ProvisioningHitesh Mohapatra
 
Harnessing the Power of Google Cloud Platform: Strategies and Applications
Harnessing the Power of Google Cloud Platform: Strategies and ApplicationsHarnessing the Power of Google Cloud Platform: Strategies and Applications
Harnessing the Power of Google Cloud Platform: Strategies and ApplicationsHitesh Mohapatra
 
Scheduling in Cloud Computing
Scheduling in Cloud ComputingScheduling in Cloud Computing
Scheduling in Cloud ComputingHitesh Mohapatra
 
Load balancing in cloud computing.pptx
Load balancing in cloud computing.pptxLoad balancing in cloud computing.pptx
Load balancing in cloud computing.pptxHitesh Mohapatra
 
ITU-T requirement for cloud and cloud deployment model
ITU-T requirement for cloud and cloud deployment modelITU-T requirement for cloud and cloud deployment model
ITU-T requirement for cloud and cloud deployment modelHitesh Mohapatra
 
Reviewing basic concepts of relational database
Reviewing basic concepts of relational databaseReviewing basic concepts of relational database
Reviewing basic concepts of relational databaseHitesh Mohapatra
 
Advanced database protocols
Advanced database protocolsAdvanced database protocols
Advanced database protocolsHitesh Mohapatra
 
Involvement of WSN in Smart Cities
Involvement of WSN in Smart CitiesInvolvement of WSN in Smart Cities
Involvement of WSN in Smart CitiesHitesh Mohapatra
 
Data Structure and its Fundamentals
Data Structure and its FundamentalsData Structure and its Fundamentals
Data Structure and its FundamentalsHitesh Mohapatra
 
WORKING WITH FILE AND PIPELINE PARAMETER BINDING
WORKING WITH FILE AND PIPELINE PARAMETER BINDINGWORKING WITH FILE AND PIPELINE PARAMETER BINDING
WORKING WITH FILE AND PIPELINE PARAMETER BINDINGHitesh Mohapatra
 
Basic commands for powershell : Configuring Windows PowerShell and working wi...
Basic commands for powershell : Configuring Windows PowerShell and working wi...Basic commands for powershell : Configuring Windows PowerShell and working wi...
Basic commands for powershell : Configuring Windows PowerShell and working wi...Hitesh Mohapatra
 

More from Hitesh Mohapatra (20)

Virtualization: A Key to Efficient Cloud Computing
Virtualization: A Key to Efficient Cloud ComputingVirtualization: A Key to Efficient Cloud Computing
Virtualization: A Key to Efficient Cloud Computing
 
Automating the Cloud: A Deep Dive into Virtual Machine Provisioning
Automating the Cloud: A Deep Dive into Virtual Machine ProvisioningAutomating the Cloud: A Deep Dive into Virtual Machine Provisioning
Automating the Cloud: A Deep Dive into Virtual Machine Provisioning
 
Harnessing the Power of Google Cloud Platform: Strategies and Applications
Harnessing the Power of Google Cloud Platform: Strategies and ApplicationsHarnessing the Power of Google Cloud Platform: Strategies and Applications
Harnessing the Power of Google Cloud Platform: Strategies and Applications
 
Scheduling in Cloud Computing
Scheduling in Cloud ComputingScheduling in Cloud Computing
Scheduling in Cloud Computing
 
Cloud-Case study
Cloud-Case study Cloud-Case study
Cloud-Case study
 
RAID
RAIDRAID
RAID
 
Load balancing in cloud computing.pptx
Load balancing in cloud computing.pptxLoad balancing in cloud computing.pptx
Load balancing in cloud computing.pptx
 
Cluster Computing
Cluster ComputingCluster Computing
Cluster Computing
 
ITU-T requirement for cloud and cloud deployment model
ITU-T requirement for cloud and cloud deployment modelITU-T requirement for cloud and cloud deployment model
ITU-T requirement for cloud and cloud deployment model
 
Leetcode Problem Solution
Leetcode Problem SolutionLeetcode Problem Solution
Leetcode Problem Solution
 
Leetcode Problem Solution
Leetcode Problem SolutionLeetcode Problem Solution
Leetcode Problem Solution
 
Trie Data Structure
Trie Data Structure Trie Data Structure
Trie Data Structure
 
Reviewing basic concepts of relational database
Reviewing basic concepts of relational databaseReviewing basic concepts of relational database
Reviewing basic concepts of relational database
 
Reviewing SQL Concepts
Reviewing SQL ConceptsReviewing SQL Concepts
Reviewing SQL Concepts
 
Advanced database protocols
Advanced database protocolsAdvanced database protocols
Advanced database protocols
 
Measures of query cost
Measures of query costMeasures of query cost
Measures of query cost
 
Involvement of WSN in Smart Cities
Involvement of WSN in Smart CitiesInvolvement of WSN in Smart Cities
Involvement of WSN in Smart Cities
 
Data Structure and its Fundamentals
Data Structure and its FundamentalsData Structure and its Fundamentals
Data Structure and its Fundamentals
 
WORKING WITH FILE AND PIPELINE PARAMETER BINDING
WORKING WITH FILE AND PIPELINE PARAMETER BINDINGWORKING WITH FILE AND PIPELINE PARAMETER BINDING
WORKING WITH FILE AND PIPELINE PARAMETER BINDING
 
Basic commands for powershell : Configuring Windows PowerShell and working wi...
Basic commands for powershell : Configuring Windows PowerShell and working wi...Basic commands for powershell : Configuring Windows PowerShell and working wi...
Basic commands for powershell : Configuring Windows PowerShell and working wi...
 

Recently uploaded

Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Dr.Costas Sachpazis
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSSIVASHANKAR N
 
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...RajaP95
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingrknatarajan
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxupamatechverse
 
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations120cr0395
 
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)Suman Mia
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Christo Ananth
 
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...ranjana rawat
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxupamatechverse
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130Suhani Kapoor
 

Recently uploaded (20)

Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
 
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCRCall Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
 
Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and RoutesRoadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
 
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptx
 
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations
 
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
Software Development Life Cycle By Team Orange (Dept. of Pharmacy)
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
 
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
 
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
 
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEDJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptx
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
 

DIDS and AppIDS

  • 1. Intrusion Detection Systems Lecture #6 Application-Specific and Database Intrusion Detection
  • 2. Introduction • Existing work on intrusion detection have mainly focused on network intrusion and host-based attacks • The earliest proposals for intrusion detection were based on the use of audit data from the host being monitored • Audit data is provided by the operating system or other applications running in the host • Host based intrusion detection (HIDS) is performed at the operating system level by comparing expected and observed system resource usage 12/6/2017 Hitesh Mohapatra Ph.D 2
  • 3. Introduction • Network intrusion detection systems (NIDSs) observe the network traffic that goes to and from the systems being monitored • NIDSs are positioned at various points in a network to detect any attack on the hosts of that network • To capture most of the data passing through the network, we need to position the IDS at the entry and exit point of the network to the outside world • Some more IDSs may also be placed in the internal network, depending on the level of security needed • This approach has the advantage is that even a single and properly placed NIDS can monitor a number of hosts 12/6/2017 Hitesh Mohapatra Ph.D 3
  • 4. Limitations of HIDSs • The information sources for HIDSs reside on the host, that is targeted by attackers. So, the IDS itself may be attacked and thereby disabled during the attack • In addition, HIDSs require resources of the host to operate and are harder to manage as information must be configured and managed for every host individually • An HIDS can only be trusted up to the point till the system/host is not compromised: – A secure logging mechanism is necessary to prevent logs from being erased if the attacker compromises the machine – An attacker obtaining super user privilege on the host can disable the HIDS – HIDS may become ineffective during DoS attacks 12/6/2017 4Hitesh Mohapatra Ph.D
  • 5. Limitations of NIDSs • Cannot see attacks arriving over a path that does not traverse the network segment being monitored • Cannot observe actions that occur inside a host (miss local attacks) • Use of encryption mechanisms during transmission make NIDSs ineffective because they cannot examine the contents of encrypted communications 12/6/2017 5Hitesh Mohapatra Ph.D
  • 6. Database IDS (DIDS) • Organizations use Data Base Management Systems (DBMS) as the main data management technology for storing and accessing information • Ability to access information and carry out on-line transactions from anywhere using the Internet and web- based applications increases the chances of attacks on database systems • It is found that 75% of the attacks on the Web occur at the application level • Concern regarding the security of databases has thus become more crucial in all information infrastructures 12/6/2017 Hitesh Mohapatra Ph.D 6
  • 7. Database IDS (DIDS) • Traditional database security mechanisms provide security features such as authentication, authorization, access control, data encryption and auditing • Despite the use of such prevention-based security mechanisms for enforcing organizational security, they are not sufficient for protection of data against syntactically correct but semantically damaging transactions • Moreover, in databases, some of the attributes are more sensitive to malicious modifications as compared to others • The development of an effective DIDS is essential for protecting sensitive and confidential (proprietary) information stored in DBMSs 12/6/2017 Hitesh Mohapatra Ph.D 7
  • 8. Application-Specific IDS (AppIDS) • AppIDS detect intrusions more accurately in context of the application by considering the semantics (domain knowledge) of the application and various application- specific rules • This type of IDS uses a large number of domain related attributes for profile building which makes the profile difficult to be guessed by the outside intruders as well as by the insiders • Intrusion detection is required at the application level for facilitating accurate detection of frauds in specific domains like credit card payment system, mobile communication networks, medical/automobile insurance, etc. 12/6/2017 Hitesh Mohapatra Ph.D 8
  • 9. Requirements of Application-Specific (AppIDS) and Database IDS (DIDS) • At the level of database, a file has an inherent structure which is subdivided into tables, rows and columns • HIDSs and NIDSs cannot detect changes to the structure or rows of the tables – For example, if data is stored in a file, then the OS level IDS can only determine whether or not the file as a whole has changed. It cannot identify any malicious updates/deletes made to attributes/records of the file • A DIDS/AppIDS can identify database level changes easily and thus are able to detect more critical attacks such as those carried out by internal intruders 12/6/2017 Hitesh Mohapatra Ph.D 9
  • 10. Database IDS (DIDS) • The attributes corresponding to a single transaction are known as intra-transactional (Eg. query type, accessed table name(s), accessed attribute name(s), transaction location and transaction time, etc.) • Attributes related to multiple transactions are called inter- transactional (Eg. which types of queries are invoked after which types of queries, which tables/attributes are accessed after which tables/attributes, time gap between successive transactions by the same user, etc.) • An IDS which detects intrusion only based on intra- transactional features like cannot identify the attacks in which the individual transactions are quite similar to that of normal transactions • When an attacker requests multiple transactions, it is possible to identify inter-transactional deviation 12/6/2017 10Hitesh Mohapatra Ph.D
  • 11. CASE STUDY OF AN APPIDS: CREDIT CARD FRAUD DETECTION SYSTEM 12/6/2017 Hitesh Mohapatra Ph.D 11
  • 12. Credit Card Fraud Detection System • Specific application of Intrusion Detection System • Fraudulent transactions on credit cards is a common problem especially with respect to online transactions • Thieves obtain card numbers by shoulder surfing, packet intercepting, database stealing, etc. • The problem is expected to multiply many-folds in the future 12/6/2017 12Hitesh Mohapatra Ph.D
  • 13. Types of Credit Card Purchases • Credit card purchases can be done in two ways: – Physical card purchases: Cardholder presents his card physically to a merchant for making a payment – Virtual card purchases: Only some important information about a card (card number, name on card, expiration date, secure code, etc.) is required to be entered for making the payment which are done on the Internet or over phone 12/6/2017 Hitesh Mohapatra Ph.D 13
  • 14. Types of Credit Card Fraud • According to the type of purchase, credit card frauds can be categorized into two types: 1) Physical Card Fraud: – To carry out fraudulent transactions in this kind of purchase, an attacker has to steal or clone the credit card – If the cardholder does not realize the loss of card, it can lead to a substantial financial loss to the credit card company 2) Virtual Card Fraud: – To commit fraud in these types of purchases, a fraudster requires to know the card details – The genuine cardholder may not aware that someone else has seen or stolen his card information – The only way to detect this kind of fraud is to analyze the spending patterns on every card and to figure out any inconsistency with respect to the “normal” spending patterns (profile) 12/6/2017 Hitesh Mohapatra Ph.D 14
  • 15. 15 Credit Card Fraud Detection • Credit card fraud detection is a specific application of intrusion detection in databases • Credit card fraud is increasing rapidly resulting in loss of billions of dollars every year • Effective technologies are required to detect fraud in order to maintain the viability of the payment system • Usually, every cardholder has a certain shopping behavior which establishes an activity/normal profile for him/her 12/6/2017 Hitesh Mohapatra Ph.D
  • 16. 16 Credit Card Fraud Detection • As a result of personal needs or seasonal needs, patterns of legitimate behavior may change over time • Systems that cannot “evolve” or “learn” soon become outdated resulting in large number of false alarms • The fraudster can also attempt new types of attacks so as to bypass the Credit Card Fraud Detection System (CCFDS) • Thus, there is a need for developing a CCFDS which can: – Combine multiple evidences including patterns of genuine cardholders as well as fraudsters – Adapt to the change of spending patterns of cardholders 12/6/2017 Hitesh Mohapatra Ph.D
  • 17. Challenges in Credit card Fraud Detection • Orders could be shipped to a different address than the billing address (normally while gifting to someone) • Orders could be shipped to a single address but made on multiple cards • The genuine transactions could be interspersed with the fraudulent transactions • Number of fraudulent transactions is quite less as compared to the volume of genuine transactions (class imbalance problem) • The company incurs a finite cost in the event of check back (manual confirmation with actual cardholder) • The customer may not be always contactable 12/6/2017 17Hitesh Mohapatra Ph.D
  • 18. Limitations of Existing CCFDS • Existing approaches on CCFD are either anomaly or misuse-based systems • Anomaly-based FDSs raise large number of false alarms and misuse-based FDSs cannot detect new fraud patterns: – Deviation in access behavior of genuine cardholders due to special requirements raise false alarms (Anomaly CCFDS) – New fraud types that the detection system is not aware of, mostly go undetected (Misuse CCFDS) • Objective: A hybrid CCFD model that integrates the advantages of both anomaly and misuse-based systems so as to achieve high detection rate along with minimized false alarms 1812/6/2017 Hitesh Mohapatra Ph.D
  • 19. 19 Case Study: Credit Card Fraud Detection • Suvasini Panigrahi, Amaln Kundu, Shamik Sural and A. K. Majumdar, “Credit Card Fraud Detection: A Fusion Approach using Dempster-Shafer Theory and Bayesian Learning”, Information Fusion (Special Issue on Information Fusion in Computer Security), Elsevier, Vol. 10, No. 4, Pages 354-363, 2009 12/6/2017 Hitesh Mohapatra Ph.D
  • 20. Case Study: Credit Card Fraud Detection • The basic idea of our approach is that: – Fraudsters are usually not completely familiar with the cardholder’s normal spending profile – Their aim is to gain maximum profit in a limited amount of time before they get caught • Transactions carried out by a fraudster usually show some deviation in terms of transaction amount as well as time gap between successive transactions (carrying out high value transactions frequently), which needs to be captured by our CCFDS 12/6/2017 Hitesh Mohapatra Ph.D 20
  • 21. 21 Proposed CCFD System • We have proposed a two-stage CCFDS that combines evidences from: – Cardholder’s current activity patterns (First Stage) – Cardholder’s past transaction profile as well as the history of fraudulent activities available to the card issuing bank (Second Stage) • The evidences are combined using the Dempster-Shafer theory and an initial belief (P(h)) is computed • An incoming transaction is classified as genuine, fraudulent or suspicious depending on the value of P(h) 12/6/2017 Hitesh Mohapatra Ph.D
  • 22. Proposed CCFD System • Two preset threshold values lower threshold (ѲLT) and upper threshold (ѲUT) are determined experimentally are used for taking decision about an incoming transaction • If a transaction is determined to be genuine or fraudulent, it is not processed further • If a transaction is found to be suspicious, the initial belief is updated using Bayesian learning based on additional evidence obtained from transaction history databases • Proposed CCFDS integrates anomaly detection and misuse detection techniques to improve the accuracy of the system 12/6/2017 Hitesh Mohapatra Ph.D 22
  • 23. Proposed CCFD System • To meet the required functionality, the proposed CCFDS is designed with the following four components:  Rule-based Filter (RBF)  Dempster-Shafer Adder (D-S Adder)  Transaction History Database (THD)  Bayesian Learner (BL) 12/6/2017 Hitesh Mohapatra Ph.D 23
  • 24. 24 Rule-Based Filter • Generic and customer-specific rules are used to monitor behavioral patterns of a cardholder • Each Rule Ri measures intrusiveness of a transaction by assigning basic probabilities mi(h) • The current model uses two rule-based techniques at this component: – Address Mismatch – Outlier Detection 12/6/2017 Hitesh Mohapatra Ph.D
  • 25. Rule-Based Filter 1) Address Mismatch(R1): • Orders could be shipped to a different address (shipping address) than the billing address • A transaction that clears this check can be classified as genuine with very high probability • The transactions that violate this check are labeled as suspect 2) Outlier Detection(R2): • A fraudster is likely to deviate from the customer’s profile, his transactions can thus be detected as outliers • We have used DBSCAN (Density Based Spatial Clustering of Applications with Noise) [3] algorithm to filter out outliers • Any transaction detected as an outlier gives evidence that it could be fraudulent 2512/6/2017 Hitesh Mohapatra Ph.D
  • 26. 26 Rule-Based Filter • In the current work, we have used “transaction amount” as an attribute for detecting outliers • The rule-based filter is essential since it separates out most of the genuine transactions so that the FDS do not have to unnecessarily investigate millions of regular legitimate transactions • This component is kept flexible so that new rules can always be added according to existing trends, further enriching its functionality 12/6/2017 Hitesh Mohapatra Ph.D
  • 27. 27 D-S Adder • The role of the D-S adder is to combine evidences from the rules R1 and R2 at the RBF in order to compute the initial belief P(h) for each transaction • The D-S adder uses the Dempster-Shafer theory (D-S theory) of evidence to combine information • The D-S theory assumes a Universe of Discourse U, also called Frame of Discernment, which is a set of mutually exclusive and exhaustive possibilities 12/6/2017 Hitesh Mohapatra Ph.D
  • 28. 28 D-S Adder • For every incoming transaction, the rules R1 and R2 share their independent observations about the behavior of the transaction • The observations are combined to form a decision about the transaction’s genuineness • Two basic probability assignments m1(h) and m2(h) are combined into a third basic probability assignment m(h) by the Dempster’s rule for combination as follows:       yx hyx ymxm ymxm hmhmhmhP )(*)(1 )(*)( )()()()( 21 21 21 12/6/2017 Hitesh Mohapatra Ph.D
  • 29. 29 D-S Adder • For the credit card fraud detection problem, U consists of two possible values for any suspected transaction: U = {fraud, ¬fraud} • For this U, the power set has three possible elements: h = {fraud} Transaction is fraudulent (Fraud) = {¬fraud} Transaction is not fraudulent (Genuine) (h, ) => Transaction is either fraudulent or genuine (Suspicious) h 12/6/2017 Hitesh Mohapatra Ph.D h
  • 30. First Stage Decision Making Decision making occurs in two stages in the proposed system First level inferences are made based on the initial belief  If initial belief < lower threshold (ѲLT), transaction is genuine  If initial belief > upper threshold (ѲUT), transaction is fraudulent  If lower threshold ≤ initial belief ≤ upper threshold, transaction is suspicious 12/6/2017 Hitesh Mohapatra Ph.D 30
  • 31. Transaction History Databases (THD) For tracking suspicious transactions, two transaction history databases are built: • Good Transaction History (GTH) – from customer’s past behavior (customer specific) • Fraud Transaction History (FTH) – from different types of past fraudulent data (generic) Past spending behavior is observed in terms of frequency of transactions in a specific time gap 12/6/2017 Hitesh Mohapatra Ph.D 31
  • 32. Transaction History Databases • Transaction gap is divided into four mutually exclusive and exhaustive events - D1, D2, D3 and D4 • Occurrence of each event (transaction) depends on the time since last purchase (transaction gap ρ) on any particular card 3212/6/2017 Hitesh Mohapatra Ph.D
  • 33. Transaction History Databases • Conditional probabilities (evidence) and are determined from the transaction history databases FTH and GTH respectively: • We have created two look-up tables FFT (Fraud Frequency Table) and GFT (Good Frequency Table) to maintain the values of the conditional probabilities 12/6/2017 Hitesh Mohapatra Ph.D 33
  • 34. Bayesian Learning  The general idea of belief revision is that, whenever new information becomes available, it may require updating of prior beliefs  The prior/initial belief P(h) can be updated by using Bayes’ Rule after getting the new information Di from the THD  Posterior belief (P(h| Di)) of a suspicious transaction is computed using Bayesian learning based on evidence from THD 3412/6/2017 Hitesh Mohapatra Ph.D
  • 35. Bayesian Learning • The goal of Bayesian learning is to find the most probable hypothesis hmap given the training data (Maximum A Posteriori Hypothesis) • Depending on which of the posterior values is greater, the future actions are decided by the FDS 12/6/2017 Hitesh Mohapatra Ph.D 35
  • 36. Second Stage Decision Making • Suspicion score (ψ) of transaction is updated by combining its posterior belief and initial belief • For the first suspicious transaction on a card, suspicion score is same as its initial belief • Final decision is made about the transaction according to its suspicion score 3612/6/2017 Hitesh Mohapatra Ph.D
  • 37. Initial Belief Analysis FFTFTH (Generic) TRANSACTION HISTORY DATABASE P(h) Genuine/Fraudulent suspect table Suspicious BPA_R1, BPA_R2 Incoming Transaction T on card Ck )|(),|( EhPEhP P(h) Suspicion Score Analysis D-S ADDER BAYESIAN LEARNER D-S ADDER RULE-BASED FILTER Genuine/Fraudulent Event E occurs Ck, P(Ck) )RoundLast(  GTH (User specific) GFT )|(),|( hEPhEP )RoundCurrent( UTLT  , UTLT  , Flow of Events in the Proposed CCFD System 3712/6/2017 Hitesh Mohapatra Ph.D
  • 38. Mobile Telecommunication Fraud Detection • Extension of the proposed approach was developed with new features such as “transaction type” for fraud detection in mobile communication networks by considering the domain- related issues and also including the various application- specific changes [4] – Suvasini Panigrahi, Amaln Kundu, Shamik Sural and A. K. Majumdar, “Use of Dempster-Shafer Theory and Bayesian Inferencing for Fraud Detection in Mobile Communication Networks”, Lecture Notes in Computer Science (LNCS-4586), Springer Verlag, Australasian Conference on Information Security and Privacy (ACISP), Townsville, Queensland, Australia, Pages 446-460, 2007 12/6/2017 Hitesh Mohapatra Ph.D 38
  • 39. Database Intrusion Detection • Generalization of the proposed approach for intrusion detection in databases by applying an extension of Dempster-Shafer theory and Bayesian inferencing • Sensitivity of attributes is also taken into consideration for tracking against malicious modifications – Published in • IEEE Symposium on Computational Intelligence in Cyber Security (CICS 2009) [5] • Information Systems Frontiers (Special Issue on Security Management and Technologies for Protecting Against Internal Data Leakages), Springer, 2010 [6] 12/6/2017 Hitesh Mohapatra Ph.D 39
  • 40. 40 References 1. A. C. Murray, “The Threat From Within, Network Computing”, URL – http://www.networkcomputing.com/data-protection/the-threat-from- within/229616352, August 2005 2. Suvasini Panigrahi, Amaln Kundu, Shamik Sural and A. K. Majumdar, “Credit Card Fraud Detection: A Fusion Approach using Dempster- Shafer Theory and Bayesian Learning”, Information Fusion (Special Issue on Information Fusion in Computer Security), Elsevier, Vol. 10, No. 4, Pages 354-363, 2009 3. M. Ester, H. P. Kriegel, J. Sander and X. Xu, “A Density-Based Algorithm for Discovering Clusters in Large Spatial Databases with Noise”, In Proceedings of the 2nd International Conference on Knowledge Discovery and Data Mining (KDD),Pages: 226-231, 1996 12/6/2017 Hitesh Mohapatra Ph.D
  • 41. References 4. Suvasini Panigrahi, Amaln Kundu, Shamik Sural and A. K. Majumdar, “Use of Dempster-Shafer Theory and Bayesian Inferencing for Fraud Detection in Mobile Communication Networks”, Lecture Notes in Computer Science (LNCS-4586), Springer Verlag, Australasian Conference on Information Security and Privacy (ACISP), Townsville, Queensland, Australia, Pages 446-460, 2007 5. Suvasini Panigrahi, Shamik Sural and A. K. Majumdar, “Detection of Intrusive Activity in Databases by Combining Multiple Evidences and Belief Update”, IEEE Symposium on Computational Intelligence in Cyber Security (CICS 2009), Nashville, Tennessee, USA, Pages 83-90, 2009 6. Suvasini Panigrahi, Shamik Sural and A. K. Majumdar, “Two-Stage Database Intrusion Detection by Combining Multiple Evidence and Belief Update”, Information Systems Frontiers (Special Issue on Security Management and Technologies for Protecting Against Internal Data Leakages), Springer, DOI: 10.1007/s10796-010-9252-2, Pages 1-19, Online First 11th August 2010 12/6/2017 Hitesh Mohapatra Ph.D 41