Intrusion Detection
COMP 435
Fall 2017
Prof. Cynthia Sturton

Data Buddies Survey
Undergraduate Survey: http://bit.ly/CSundergraduate
Graduate Survey: http://bit.ly/CSgraduate
What is it?
○ Anonymous survey provided by CRA, open now through Oct. 31st
Why is it important?
○ Your feedback gives department real-time data on curriculum, pedagogy, student support and cultural climate from student POV
What’s in it for you?
○ Completion of survey means raffle entry and chance to win Amazon gift card (dept to raffle more than $1K in gift cards)
***Check your email for more details***

Assignment 1 Grades
● Average (Mean) Score: 89.2%
● Median Score: 95%
● Standard Deviation: 17.89

Intrusions
1. Information gathering

Case Study: Target Breach
1. Reconnaissance
2. Initial access
3. Privilege escalation
4. Data collection
5. Maintaining access
6. Covering tracks

Case Study: Target Breach
1. Reconnaissance

Case Study: Target Breach
2. Initial Access

Case Study: Target Breach
3. Privilege escalation

Case Study: Target Breach
4. Data collection
5. Maintaining access
6. Covering tracks

Points to Consider with the Target Breach
● Security perimeter
● Benign data
● Warnings

Intrusion Detection Systems (IDS)
● Not intrusion prevention!
● Host based IDS (HIDS)
● Network based IDS (NIDS)
● Hybrid IDS

Goals of Intrusion Detection
● Be quick
● Collect data
● Deter attacks
Computer Security: Principles and Practice, 3rd ed. William Stallings and Lawrie Brown. Pearson, 2015.

Base Rate Fallacy
If the base rate of incidence is low, then most alarms will be false alarms

Threat
Users become habituated to ignoring alarms

Conditional Probability
$$P(A \mid B) = \frac{P(A \cap B)}{P(B)} = \frac{P(B \mid A)\,P(A)}{P(B)}$$
[Figure: events A and B]

In-class Exercise
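
The conditional probability formula applied to the base rate fallacy, as an added worked example that is not part of the original slides and is not the lecture's in-class exercise. The function names and all rates (99% detection, 1% false alarms, the three base rates) are constructed assumptions.

```python
# Added example: the Bayes formula above applied to IDS alarms.
# A = "event is an intrusion", B = "IDS raises an alarm". All rates are constructed.

def p_alarm(base_rate, tpr, fpr):
    """P(B) = P(B|A)P(A) + P(B|not A)P(not A)."""
    return tpr * base_rate + fpr * (1.0 - base_rate)

def p_intrusion_given_alarm(base_rate, tpr, fpr):
    """P(A|B) = P(B|A)P(A) / P(B)."""
    pb = p_alarm(base_rate, tpr, fpr)
    if pb == 0.0:
        raise ValueError("detector never alarms; P(A|B) is undefined")
    return tpr * base_rate / pb

def expected_alarms(events, base_rate, tpr, fpr):
    """Expected (true alarms, false alarms) over `events` observed events."""
    return events * base_rate * tpr, events * (1.0 - base_rate) * fpr

def max_fpr_for_precision(base_rate, tpr, target):
    """Largest P(B|not A) for which P(A|B) is still >= target."""
    if not (0.0 < target <= 1.0 and 0.0 < base_rate < 1.0):
        raise ValueError("need 0 < target <= 1 and 0 < base_rate < 1")
    return tpr * base_rate * (1.0 - target) / (target * (1.0 - base_rate))

if __name__ == "__main__":
    tpr, fpr = 0.99, 0.01  # constructed detector: 99% detection, 1% false alarms
    for base_rate in (1e-2, 1e-3, 1e-5):
        post = p_intrusion_given_alarm(base_rate, tpr, fpr)
        true_a, false_a = expected_alarms(1_000_000, base_rate, tpr, fpr)
        need = max_fpr_for_precision(base_rate, tpr, 0.5)
        print(f"P(A)={base_rate:<7g} P(A|B)={post:.4f} "
              f"true={true_a:,.0f} false={false_a:,.0f} "
              f"FPR needed for 50% precision={need:.2e}")
```

With the detector held fixed, lowering the base rate alone drives P(A|B) toward zero, which is why the false-alarm rate has to shrink in proportion to the base rate before analysts can trust an alarm.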

Methods of Analysis
● Anomaly detection
● Heuristic

Host-based Intrusion Detection Systems (HIDS)
● Detects external and internal threats
● Antivirus software

Network-based Intrusion Detection Systems (NIDS)

Honeypots