Intrusion Detection

COMP 435
Fall 2017
Prof. Cynthia Sturton

Buddies Survey

Undergraduate Survey: http://bit.ly/CSundergraduate

Graduate Survey: http://bit.ly/CSgraduate

What is it?
○ Anonymous survey provided by CRA, open now through Oct. 31st

Why is it important?
○ Your feedback gives department real-time data on curriculum, pedagogy, student support and cultural climate from student POV

What's in it for you?
○ Completion of survey means raffle entry and chance to win Amazon gift card (dept to raffle more than $1K in gift cards)

***Check your email for more details***

Assignment 1 Grades

● Average (Mean) Score: 89.2%

● Median Score: 95%

● Standard Deviation: 17.89

Intrusions

1. Information gathering
2. Initial access
3.
4. Data collection
5. Maintaining access
6. Covering tracks

Case Study: Target Breach

1. Reconnaissance

2. Initial Access

3. Privilege escalation

4. Data collection

5. Maintaining access

6. Covering tracks

Points to Consider with the Target Breach

perimeter

● Benign data

● Warnings

Intrusion Detection Systems (IDS)

● Not intrusion prevention!

● Host based IDS (HIDS)

● Network based IDS (NIDS)

● Hybrid IDS

Goals of Intrusion Detection

● Be quick

● Collect data

● Deter attacks

Computer Security: Principles and Practice, 3rd ed. William Stallings and Lawrie Brown. Pearson, 2015.

Base Rate Fallacy

● If the base rate of incidence is low, then most alarms will be false alarms

● Users become habituated to ignoring alarms
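The base rate fallacy above, worked through with Bayes' rule for IDS alarms, as an added example that is not from the original slides. The base rates, detection rate and false alarm rate are constructed values, and the function names are hypothetical.

```python
"""Base rate fallacy for IDS alarms (added example; all numbers are constructed)."""

def p_alarm(base_rate, tpr, fpr):
    """Total probability of an alarm: P(A) = P(A|I)P(I) + P(A|~I)P(~I)."""
    return tpr * base_rate + fpr * (1.0 - base_rate)

def p_intrusion_given_alarm(base_rate, tpr, fpr):
    """Bayes' rule: P(I|A) = P(A|I)P(I) / P(A)."""
    denom = p_alarm(base_rate, tpr, fpr)
    if denom == 0.0:
        raise ValueError("detector never raises an alarm")
    return tpr * base_rate / denom

def max_fpr_for_precision(base_rate, tpr, target):
    """Largest false alarm rate for which P(I|A) is still >= target."""
    if not 0.0 < target <= 1.0 or not 0.0 < base_rate < 1.0:
        raise ValueError("target must be in (0, 1], base_rate in (0, 1)")
    # Solve target = tpr*b / (tpr*b + fpr*(1 - b)) for fpr.
    return tpr * base_rate * (1.0 - target) / (target * (1.0 - base_rate))

def expected_alarms(events, base_rate, tpr, fpr):
    """Expected (true alarms, false alarms) over a number of audited events."""
    intrusions = events * base_rate
    return intrusions * tpr, (events - intrusions) * fpr

if __name__ == "__main__":
    # Constructed detector: flags 99% of intrusions and 1% of benign events.
    tpr, fpr = 0.99, 0.01
    for base_rate in (0.5, 1e-2, 1e-3, 1e-5):
        post = p_intrusion_given_alarm(base_rate, tpr, fpr)
        print(f"P(intrusion)={base_rate:<8g} P(intrusion|alarm)={post:.4%}")
    true_a, false_a = expected_alarms(1_000_000, 1e-5, tpr, fpr)
    print(f"per 1,000,000 events: {true_a:.1f} true alarms, {false_a:.1f} false alarms")
    need = max_fpr_for_precision(1e-5, tpr, 0.5)
    print(f"false alarm rate needed for half of alarms to be real: {need:.2e}")
```

With the same detector, the share of alarms that are real intrusions falls from 99% at a base rate of 0.5 to about 0.1% at a base rate of 1 in 100,000.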


Conditional Probability

$$P(A \mid B) = \frac{P(A \cap B)}{P(B)} = \frac{P(B \mid A)\,P(A)}{P(B)}$$

In-class Exercise

Methods of Analysis

● Anomaly detection

● Heuristic

Host-based Intrusion Detection Systems (HIDS)

● Detects external and internal threats

● Antivirus software

Network-based Intrusion Detection Systems (NIDS)

Honeypots

Computer Security: Principles and Practice, 3rd ed. William Stallings and Lawrie Brown. Pearson, 2015.