Intrusion Detection
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
seminar projects crazy
Active In SP
**

Posts: 604
Joined: Dec 2008
#1
30-12-2008, 02:24 PM


Download full Article
In the last three years, the networking revolution has finally come of age. More than ever before, we see that the Internet is changing computing as we know it. The possibilities and opportunities are limitless; unfortunately, so too are the risks and chances of malicious intrusions.

It is very important that the security mechanisms of a system are designed so as to prevent unauthorized access to system resources and data. However, completely preventing breaches of security appear, at present, unrealistic. We can, however, try to detect these intrusion attempts so that action may be taken to repair the damage later. This field of research is called Intrusion Detection.

Anderson, while introducing the concept of intrusion detection in 1980, defined an intrusion attempt or a threat to be the potential possibility of a deliberate unauthorized attempt to

? access information,

? manipulate information, or

? render a system unreliable or unusable.

Since then, several techniques for detecting intrusions have been studied. This paper discusses why intrusion detection systems are needed, the main techniques, present research in the field, and possible future directions of research.

SECURITY POLICY

A Security Policy defines what is permitted and what is denied on a system. There are two basic philosophies behind any security policy:

? Prohibitive where everything that is not expressly permitted is denied.

? Permissive where everything that is not expressly denied is permitted.

Elements of a System?s Security

A computer system can be considered as a set of resources which are available for use by authorized users. A paper by Donn P outlines six elements of security that must be addressed by a security administrator. It is worth evaluting any tool by determining how it address these six elements.

? Availability - the system must be available for use when the users need it. Similarly, critical data must be available at all times.

? Utility - the system, and data on the system, must be useful for a purpose.

? Integrity - the system and its data must be complete, whole, and in a readable condition.

? Authenticity - the system must be able to verify the identity of users, and the users should be able to verify the identity of the system.

? Confidentiality - private data should be known only to the owner of the data, or to a chosen chosen few with whom the owner shares the data.

? Possession - the owners of the system must be able to control it. Losing control of a system to a malicious user affects the security of the system for all other users.
Use Search at http://topicideas.net/search.php wisely To Get Information About Project Topic and Seminar ideas with report/source code along pdf and ppt presenaion
Reply
computer science crazy
Super Moderator
******

Posts: 3,048
Joined: Dec 2008
#2
14-02-2009, 11:36 PM

1. INTRODUCTION

1.1 Security Concerns

Despite nearly universal efforts to protect corporate networks, todayâ„¢s distributed organizations are still susceptible to a multitude of attacks. IT executives are challenged to extend security beyond the corporate backbone to protect a variety of potential vulnerabilities, including Internet connections, communication channels between remote and corporate offices and links between trusted business partners. Unfortunately, the preventive measures employed to secure corporate resources and internal traffic donâ„¢t provide the breadth or depth of analysis needed to identify attempted attacks or uncover potential threats across the organization.

1.2 Network Security Management

Security is the process of staying informed. The goals of security include Confidentiality (ensuring only authorized users can read or copy a given file or object), Control (only authorized users can decide when to allow access to information), Integrity (only authorized users can alter or delete a given file or object), Authenticity (correctness of attribution or description), Availability (no unauthorized user can deny authorized users timely access to files or other system resources), and Utility (fitness for a specified purpose).

Network Security Management is a process in which one establishes and maintains policies, procedures, and practices required for protecting networked information system assets. The various tools & steps used today for maintaining corporate network security are indicated in Fig.1.

Fig.1 Information Security Market

Any security technology is based on a layered architecture called the Security Hierarchy. The security policy and standards form the foundation of this hierarchy over which other layers like security architecture & processes, security awareness & training, the technology & product and finally auditing, monitoring & investigation, which contribute to overall security.

1.3 Why firewalls are not enough?

Firewalls act as a barrier between corporate (internal) networks and the outside world (Internet), and filter incoming traffic according to a security policy. Thus, a firewall provides a good amount of security lest sufficient protection due to the following facts:

1. Not all access to the Internet occurs through the firewall.

Users, for a variety of reasons ranging from naiveté to impatience, sometimes set up unauthorized modem connections between their systems connected to the internal network and outside Internet access providers or other avenues to the Internet. The firewall cannot mitigate risk associated with connections it never sees.

2. Not all threat originates outside the firewall.

A vast majority of loss due to security incidents is traced to insiders. These include the users who misuse privileges or impersonate higher privileges. The firewall only sees traffic at the boundaries between the internal network and the Internet. If the traffic reflecting security breaches never flows past the firewall, it cannot see the problems.

Organizations utilize strong encryption mechanisms to secure files and network connections. In securing the network from the outside threat, the threat from within the network is almost completely forgotten. Intrusion detection systems are the only part of the infrastructure that is privy to the traffic on the internal network. Therefore, they will become even more important as security infrastructures evolve.

3. Firewalls are subject to attack themselves.

Firewalls are not completely foolproof. A firewall generally makes pass-deny decision on the basis of allowable network addresses. Intelligent firewalls may analyze the contents of packets of certain protocols but they may only identify the anomaly related to that protocol.

A common attack strategy is to utilize tunneling to bypass firewall protections. Tunneling is the practice of encapsulating a message in one protocol (that might be blocked by firewall filters) inside a second message. Thus the inside message gets through as the firewall considers outer, encapsulating message harmless.

In order to strengthen the security, one cannot rely on any single tool. Hence a firewall must be complemented by Intrusion Detection Tools.

1.4 Intrusion Detection Systems

1.4.1 Definition

Intrusion Detection is the unrelenting active attempts in discovering or detecting the presence of intrusive activities. It refers to all processes used in discovering unauthorized uses of network or computer devices. This is achieved through specifically designed software with a sole purpose of detecting unusual or abnormal activity. Such software is called Intrusion Detection System.

1.4.2 History of IDS

The original idea behind automated ID is credited to James P. Anderson who, in 1980, published a study outlining ways to improve computer security auditing and surveillance at customer sites. This paper paved the way to development of misuse detection for mainframe systems.

Between 1984 and 1986, Dorothy Denning and Peter Neumann researched and developed the first model of a real-time ID. This prototype was named the Intrusion Detection Expert System (IDES). This IDES was initially a rule-based expert system trained to detect known malicious activity. This same system has been refined and enhanced to form what is known today as the Next-Generation Intrusion Detection Expert System (NIDES).

During the last 2 decades, numerous project and implimentations like Discovery, Haystack, Multics Intrusion Detection and Alerting System (MIDAS), Network Audit Director and Intrusion Reporter (NADIR) were all developed to detect intrusions.

1.4.3 Why do we require IDS?

To answer this question, we need to understand why intruders can get into the system. There are various reasons of which the prominent ones are:

* Software bugs “ they can be buffer overflows, unexpected combinations, unhandled inputs, race conditions etc. Software has bugs because programmers cannot track down and eliminate all possible holes.
* Password Cracking “ hackers have over the time developed numerous ways to break into systems by knowing passwords that were really weak, or by making dictionary & brute force attacks.
* Design flaws “ many systems that were developed early were never designed to handle the wide scale intrusion that is there today. These include TCP/IP protocol flaws, operating system flaws etc.
* Sniffing unsecured traffic “ traffic on the Internet is not encrypted. Hackers can use programs that can get sensitive information from packets over the network. These include the packet sniffers, port scanners etc.

A firewall cannot always handle attacks directed to exploit these flaws. Hence we require IDS which can logically complement the firewall.

2. CLASSIFICATION OF

INTRUSION DETECTION SYSTEMS

There are two ways to classify Intrusion Detection Systems.

2.1 Classification by Monitoring Approach

2.1.1 Application based IDS

Application-based intrusion detection sensors collect information at the application level. Examples of application-level include logs generated by database management software, web servers, or firewalls. With the proliferation of Web-based electric commerce, security will increasingly focus on interactions between users and application programs and data.

Advantages:

¢ This approach allows targeting of finer grained activities on the system (e.g. one can monitor for a user utilizing a particular application feature.)

Disadvantages:

¢ Applications-layer vulnerabilities can undermine the integrity of application-based monitoring and detection approaches.

2.1.2 Host based IDS

A host based IDS resides on the system being monitored and tracks changes made to important files and directories. It takes a snap shot of existing system files and matches it to the previous snap shot. If the critical system files were modified or deleted, the alert is sent to the administrator to investigate. The example of the host based IDS can be seen on the mission critical machines, that are not expected to change their configuration.

Host-based intrusion detection started in the early 1980s before networks were as prevalent, complex and interconnected as they are today. In this simpler environment, it was common practice to review audit logs for suspicious activity. Intrusions were sufficiently rare that after-the-fact analysis proved adequate to prevent future attacks.

Host based intrusion detection tools normally employ agents that must to be installed on the key systems that are to be protected. These agents must be custom built for each platformâ„¢s hardware and software version, and their function is to continuously monitor host-generated logs. The agents monitor the state of the system and various kernel structures to verify the integrity of the system.

Todayâ„¢s host-based intrusion detection systems remain a powerful tool for understanding previous attacks and determining proper methods to defeat their future application. Host-based IDS still use audit logs, but they are much more automated, having evolved sophisticated and responsive detection techniques. Host based IDS typically monitor user and file activity, file accesses, changes to file permissions, attempts to install new executables (including Trojan horses) and attempt to access privileged services. Log files like security logs on Windows NT and syslog in UNIX environments are monitored. When any of these files change, the IDS compares the new log entry with attack signatures to see if there is a match. If so, the system responds with administrator alerts and other calls to action.

Host-based IDS have grown to include other technologies. One popular method for detecting intrusions is to check key system files and executables via checksums at regular intervals for unexpected changes. The timeliness of the response is in direct relation to the frequency of the polling interval. Some products listen to port activity and alert administrators when specific ports are accessed. This type of detection brings an elementary level of network-based intrusion detection into the host-based environment.

One of the main benefits of host based IDS is that it does not have to look for patterns. It only checks for changes within a specified set of rules. Most intrusion detection systems include default policies for specific operating systems. These policies vary with the design of the system being monitored. An administrator can use this information upon initial installation to learn the behaviors of files and directories under normal system activity and enable him or her to fine-tune the policy through trial and error.

Advantages:

¢ Systems can map problem activities to a specific user id

¢ Systems can track behavior changes associated with misuse

¢ Systems can operate in encrypted environments

¢ Systems can operate in switched network environments

¢ Systems can distribute the load associated with monitoring across available hosts on large networks, thereby cutting deployment costs.

¢ Systems require no additional hardware.

Disadvantages:

¢ Network activity is not visible to host-based detectors

¢ Running audit mechanisms can incur additional resource overhead

¢ When audit trails are used as data sources, they can take up significant storage

¢ Operating system vulnerabilities can undermine the integrity of host-based agents and analyzers

¢ Host-based agents must be more platforms specific, which adds to deployment costs

¢ Management and deployment costs associated with host-based systems are usually greater than in other approaches.

Example of host based IDS are Symantecâ„¢s Intruder Alert and Purdue Universityâ„¢s Tripwire (developed by Dr. Eugene Spafford and Gene Kim).

2.1.3 Network based IDS

Network based intrusion detection systems use raw network packets as the data source. A network based IDS typically utilize a packet sniffer, using network interfaces or adapter running in promiscuous mode to monitor and analyze all traffic in real-time as it travels across the network.

There are two main forms of NIDS which are common in commercial products which are in use today. The first is the ËœRawâ„¢ pattern matching NIDS which are designed to do a comparison to the packets they capture and match attacks based on the data captured. This style of NIDS can be considered a Ëœpacket grep[1]â„¢ NIDS, examples being Snort or Dragon. Alternatively, a ËœSmartâ„¢ NIDS can interpret the packet, and attempt to understand the protocol that is being captured in order to identify. ISS RealSecure is an example of a Smart NIDS.

Another variant of NIDS is Network Node Intrusion detection system (NNIDS) “ it performs the analysis of the traffic that is passed from the network to a specific host. The difference between NIDS and NNIDS is that the traffic is monitored on the single host only and not for the entire subnet.

Advantages:

¢ The data come without any special requirements for auditing or logging mechanisms; in most cases collection of network data occurs with the configuration of a network interface card.

¢ The insertion of a network-level agent does not affect existing data sources.

¢ Network-level agents can monitor and detect network attacks. (e.g., SYN flood and packet storm attacks) by checking the content of both the packet header and payload.

¢ Network based IDS use live network traffic for real-time attack detection. Hence attacker cannot remove the evidence, as against host based IDS, where hackers know very well how to manipulate audit logs to remove their evidence.

¢ They are not dependent on host operating systems as detection sources.

¢ Real time detection and response can terminate any malicious activity, as against host based IDS, where an attack is not recognized until a suspicious log entry is written.

Disadvantages:

¢ Although some network-based systems can infer from network traffic what is happening on hosts, they cannot tell the outcome of commands executed on the host. This is an issue in detection, when distinguishing between user error and malfeasance.

¢ Network-based agents cannot scan protocols or content if network traffic is encrypted.

¢ Network-based monitoring and intrusion detection becomes more difficult on modern switched networks. Switched networks establish a network segment for each host; therefore, network-based monitors are reduced to monitoring a single host. Network switches that support a monitoring or scanning port can at least partially mitigate this issue.

¢ Current network-based monitoring approaches cannot handle high-speed networks.

2.2 Classification by Timing of Information Collection & Analysis

2.2.1 Batch or Interval Oriented IDS

In batch-oriented (also called interval-oriented) approaches, operating-system audit mechanisms or other host-based agents log event information to files and the intrusion detection system periodically analyzes these files for signs of intrusion or misuse.

Advantages:

¢ They are well suited to environments in which threat levels are low and single-attack loss potentials high (e.g., financial institutions).

¢ Batch mode analysis schemes impose less processing load on systems than real-time analysis, especially when collection intervals are short and data volumes are therefore low.

¢ Batch-oriented collection and analysis of information are particularly well suited to organizations in which system and personnel resources are limited.

¢ Attacks on computer systems often involve repetitive attacks on the same targets.

Disadvantages:

¢ Users will seldom see incidents before they are complete.

¢ Aggregation of information may consume more disk storage on the analysis system.
Use Search at http://topicideas.net/search.php wisely To Get Information About Project Topic and Seminar ideas with report/source code along pdf and ppt presenaion
Reply
seminar class
Active In SP
**

Posts: 5,361
Joined: Feb 2011
#3
20-04-2011, 11:43 AM


.docx   intrusion detection system.docx (Size: 267.53 KB / Downloads: 54)
Chapter 1
Introduction

Recent and anticipated changes in technology arising from the convergence of communications and computing are truly breathtaking, and have already had a significant impact on many aspects of life. Banking, stock exchanges, air traffic control, telephones, electric power, health care, welfare and education are largely dependent of information technology and telecommunications for their operation. We are moving towards the point where it is possible to assert that everything depends on software.
The increased capacities of information systems today come at the cost of increased vulnerability. Information technology has begun to produce criminal opportunities of a variety that the brightest criminals of yore couldn't even begin to dream about.
Intrusion-detection systems collect information from a variety of vantage points within computer systems and networks and analyze this information for symptoms of security breaches. Intrusion-detection and vulnerability-assessment technologies allow organizations to protect themselves from losses associated with network security problems. Intrusion-detection is the logical complement to network firewalls, extending the security management capabilities of system administrators to include security audit, monitoring, attack recognition, and response.
1.1 Cyber Crime
Cyber crime or e-crime or high-tech crime generally refers to criminal activity where network is the target or place of crime. The term cyber crime is used to describe criminal activity in which the computer or network is the necessary part of the crime.
Cyber crime can broadly be defined as criminal activity involving an information technology infrastructure, including illegal access (unauthorized access), illegal interception (by technical means of non-public transmissions of computer data to, from or within a computer system), and data interference (unauthorized damaging, deletion, deterioration, alteration or suppression of computer data), systems interference (interfering with the functioning of a computer system by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data), misuse of devices, forgery(ID theft), electronic fraud.
1.2 Cyber Criminals
The cyber criminals constitute of various groups/ category. This division may be justified on the basis of the object that they have in their mind. The following are the category of cyber criminals:-
• Children and adolescents between the age group of 6 – 18 years – The simple reason for this type of delinquent behavior pattern in children is seen mostly due to the inquisitiveness to know and explore the things. Other cognate reason may be to prove themselves to be outstanding amongst other children in their group. Further the reasons may be psychological even. E.g. the BAL Bharati (Delhi) case was the outcome of harassment of the delinquent by his friends.
• Organized hackers- These kinds of hackers are mostly organized together to fulfill certain objective. The reason may be to fulfill their political bias, fundamentalism, etc. The Pakistanis are said to be one of the best quality hackers in the world. They mainly target the Indian government sites with the purpose to fulfill their political objectives. Further the NASA as well as the Microsoft sites is always under attack by the hackers.
• Professional hackers / crackers – Their work is motivated by the color of money. These kinds of hackers are mostly employed to hack the site of the rivals and get credible, reliable and valuable information. Further they are unemployed to crack the system of the employer basically as a measure to make it safer by detecting the loopholes.
• Discontented employees- This group includes those people who have been either sacked by their employer or are dissatisfied with their employer. To avenge they normally hack the system of their employee.
1.3 Prevention Methods
• Firewalls- These are programs, which protect a user from unauthorized access attacks while on a network. They provide access to only known users, or people who the user permits.
• Frequent Password Changing- With the advent of multi-user systems, security has become dependent on passwords. Thus one should always keep passwords to sensitive data secure. Changing them frequently and keeping them sufficiently complex in the first place can do this.
• Safe Surfing- This is a practice, which should be followed by all users on a network. Safe surfing involves keeping ones e-mail address private, not chatting on open systems, which do not have adequate protection methods, visiting secure sites. Accepting data from only known users, downloading carefully, and then from known sites also minimizes risk.
• Frequent Virus Checks- One should frequently check ones computer for viruses and worms. Also any external media such as floppy disks and CD ROMs should always be virus checked before running.
• Email Filters- These are programs, which monitor the inflow of mails to the inbox and delete automatically any suspicious or useless mails thus reducing the chances of being bombed or spoofed.
Chapter 2
Intrusion Detection System

With the increasing dependence of the world economy, state structures, communications, industry and business on information technologies, the risk related to the ever pervasive intrusions in the electronic space also increases. Malicious intruders overcome protection systems, designed to limit access to the institution computer network resources installed in banks or companies. In order to reduce the risk and possible consequences, it is very important to identify intrusions at the initial stage of their realization and to respond to them appropriately.
For this purpose the intrusion detection systems can be applied. The Intrusion Detection System (IDS) is a protection system intended to identify and to respond to the malicious activities directed against the computer and computer network resources. It is important that the intrusion detection system should process all packets transmitted over the network irrespective of the network usage, i.e. it is necessary to reduce the number of dropped packets to the minimum.
2.1 Intrusion and Intrusion Detection
Intrusions are actions that attempt to bypass security mechanisms of computer systems. So they are any set of actions that threatens the integrity, availability, or confidentiality of a network resource. In short, an intrusion is an intentional violation of the security policy of a system. They are commonly referred to as penetrations.
Intrusion Detection is the process of monitoring the events occurring in a computer system or network and analyzing them for signs of intrusions like unauthorized entrance, activity or file modification.
There are three steps in the process of intrusion detection which are
• Monitoring and analyzing traffic
• Identifying abnormal activities
• Assessing severity and raising alarm
2.2 Firewalls
Firewalls act as a barrier between corporate (internal) networks and the outside world (Internet), and filter incoming traffic according to a security policy. Firewalls have simple rules such as to allow or deny protocols, ports or IP addresses. Firewalls are too deep in the network hierarchy. The router may be affected even before the firewall gets the traffic. Firewalls can effectively prevent users from launching simple flooding type attacks from machines behind the firewall.
2.3 Why firewalls are not enough?
Firewalls act as a barrier between corporate (internal) networks and the outside world (Internet), and filter incoming traffic according to a security policy. Thus, a firewall provides a good amount of security lest sufficient protection due to the following facts:
• Not all access to the Internet occurs through the firewall: Users, for a variety of reasons ranging from naiveté to impatience, sometimes set up unauthorized modem connections between their systems connected to the internal network and outside Internet access providers or other avenues to the Internet. The firewall cannot mitigate risk associated with connections it never sees.
• Not all threat originates outside the firewall: A vast majority of loss due to security incidents is traced to insiders. These include the users who misuse privileges or impersonate higher privileges. The firewall only sees traffic at the boundaries between the internal network and the Internet. If the traffic reflecting security breaches never flows past the firewall, it cannot see the problems. Organizations utilize strong encryption mechanisms to secure files and network connections. In securing the network from the outside threat, the threat from within the network is almost completely forgotten. Intrusion detection systems are the only part of the infrastructure that is privy to the traffic on the internal network. Therefore, they will become even more important as security infrastructures evolve.
• Firewalls are subject to attack themselves: Firewalls are not completely foolproof. A firewall generally makes pass-deny decision on the basis of allowable network addresses. Intelligent firewalls may analyze the contents of packets of certain protocols but they may only identify the anomaly related to that protocol.
A common attack strategy is to utilize tunneling to bypass firewall protections. Tunneling is the practice of encapsulating a message in one protocol (that might be blocked by firewall filters) inside a second message. Thus the inside message gets through as the firewall considers outer, encapsulating message harmless.
In order to strengthen the security, one cannot rely on any single tool. Hence a firewall must be complemented by Intrusion Detection Tools.
2.4 Intrusion Detection Systems
2.4.1 Definition:
Intrusion Detection is the unrelenting active attempts in discovering or detecting the presence of intrusive activities. It refers to all processes used in discovering unauthorized uses of network or computer devices. This is achieved through specifically designed software with a sole purpose of detecting unusual or abnormal activity. Such software is called Intrusion Detection System.
Intrusion Detection System or IDS is software, hardware or combination of both used to detect intruder activity. Intrusion Detection System is software that automates the intrusion detection process and detects possible intrusions.
2.4.2 Why do we require IDS?: To answer this question, we need to understand why intruders can get into the system. There are various reasons of which the prominent ones are:
• Software bugs – they can be buffer overflows, unexpected combinations, unhandled inputs, race conditions etc. Software has bugs because programmers cannot track down and eliminate all possible holes.
• Password Cracking – hackers have over the time developed numerous ways to break into systems by knowing passwords that were really weak, or by making dictionary & brute force attacks.
• Design flaws – many systems that were developed early were never designed to handle the wide scale intrusion that is there today. These include TCP/IP protocol flaws, operating system flaws etc.
• Sniffing unsecured traffic – traffic on the Internet is not encrypted. Hackers can use programs that can get sensitive information from packets over the network. These include the packet sniffers, port scanners etc.
Reply
seminar flower
Super Moderator
******

Posts: 10,120
Joined: Apr 2012
#4
30-06-2012, 03:42 PM

Intrusion Detection


.ppt   Intrusion Detection.ppt (Size: 92 KB / Downloads: 192)
Intrusion and Intrusion Detection

Intrusion : Attempting to break into or misuse your system.
Intruders may be from outside the network or legitimate users of the network.
Intrusion can be a physical, system or remote intrusion.

Different ways to intrude

Buffer overflows
Unexpected combinations
Unhandled input
Race conditions

Intrusion Detection Systems (IDS)

Intrusion Detection Systems look for attack signatures, which are specific patterns that usually indicate malicious or suspicious intent.

Anomaly based IDS

This IDS models the normal usage of the network as a noise characterization.
Anything distinct from the noise is assumed to be an intrusion activity.
E.g flooding a host with lots of packet.
The primary strength is its ability to recognize novel attacks.

Drawbacks of Anomaly detection IDS

Assumes that intrusions will be accompanied by manifestations that are sufficiently unusual so as to permit detection.
These generate many false alarms and hence compromise the effectiveness of the IDS.

Signature based IDS

This IDS possess an attacked description that can be matched to sensed attack manifestations.
The question of what information is relevant to an IDS depends upon what it is trying to detect.
E.g DNS, FTP etc.
ID system is programmed to interpret a certain series of packets, or a certain piece of data contained in those packets,as an attack. For example, an IDS that watches web servers might be programmed to look for the string “phf” as an indicator of a CGI program attack.
Most signature analysis systems are based off of simple pattern matching algorithms. In most cases, the IDS simply looks for a sub string within a stream of data carried by network packets. When it finds this sub string (for example, the ``phf'' in ``GET /cgi-bin/phf?''), it identifies those network packets as vehicles of an attack.

Host/Applications based IDS

The host operating system or the application logs in the audit information.
These audit information includes events like the use of identification and authentication mechanisms (logins etc.) , file opens and program executions, admin activities etc.
This audit is then analyzed to detect trails of intrusion.

Drawbacks of the host based IDS

The kind of information needed to be logged in is a matter of experience.
Unselective logging of messages may greatly increase the audit and analysis burdens.
Selective logging runs the risk that attack manifestations could be missed.

Reply
Guest
Thinking To Register

 
#5
05-07-2012, 02:29 PM

how to downlode this topic that is inrusion detection
Reply

Important Note..!

If you are not satisfied with above reply ,..Please

ASK HERE

So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page

Quick Reply
Message
Type your reply to this message here.


Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  DETECTION OF WORMHOLE ATTACK IN MANET seminar ideas 5 1,399 26-08-2015, 12:37 AM
Last Post: Leenas
  Cut Detection in Wireless Sensor Networks pdf project girl 2 1,272 16-07-2015, 09:21 PM
Last Post: Guest
  analysis on credit card fraud detection methods ppt jaseelati 0 154 22-01-2015, 02:45 PM
Last Post: jaseelati
  credit card fraud detection using hidden markov model project download jaseelati 0 298 10-01-2015, 01:34 PM
Last Post: jaseelati
  analysis on credit card fraud detection methods ppt jaseelati 0 148 09-01-2015, 02:41 PM
Last Post: jaseelati
  credit card fraud detection ppt jaseelati 0 196 27-12-2014, 01:11 PM
Last Post: jaseelati
Lightbulb Fraud detection system for card transactions ffffff123456 0 395 26-04-2014, 05:19 AM
Last Post: ffffff123456
  Intrusion Detection: An Energy Efficient Approach in Heterogeneous WSN pdf study tips 1 948 09-02-2014, 05:40 PM
Last Post: Guest
  Design of an Error Detection and Data Recovery Architecture for Motion Estimation seminar projects maker 0 768 30-09-2013, 04:40 PM
Last Post: seminar projects maker
  Intrusion detection systems ( Download Full Seminar Report ) computer science crazy 8 15,260 28-09-2013, 03:01 PM
Last Post: Guest