SlideShare une entreprise Scribd logo

Double guard

Télécharger en tant que PPTX, PDF
Divya Gowda
Divya Gowda
Formation
1  sur  15
1
ABSTRACT  Internet services and applications  Increase in application and data complexity  Multi-tier web application design (1-tier, 2-tier and 3-tier)  Intrusions - any set of actions that attempt to compromise the integrity, confidentiality, or DIVYA K, 1RN09IS016, RNSIT availability of a resource  IDS - Intrusion Detection System:  a device or software application that monitors network and/or system activities for malicious activities or policy violations and produces reports to a Management Station  Limitation - Detecting newly published attacks or variants of existing attacks. An Intrusion Detection System which manages both front and back end of the multi-tier design & exposes a wide range of attacks with 100% accuracy. 2
AGENDA  Introduction  Intrusion Detection System DIVYA K, 1RN09IS016, RNSIT  Double Guard  Architecture  Attack Scenarios  Limitations  Conclusion  References 3  Acknowledgements
 Daily tasks, such as banking, travel, and social networking, are all done via the web.  Due to their ubiquitous use for personal and/or corporate data, web services have always DIVYA K, 1RN09IS016, RNSIT been the target of attacks.  These attacks have recently become more diverse, as attention has shifted from attacking the front-end to exploiting vulnerabilities of the web applications in order to corrupt the back-end database system  To protect multi-tiered web services, Intrusion detection systems (IDS) have been widely used to detect known attacks by matching misused traffic patterns or signatures.  Functions of an intrusion detection system are to:  Monitor and analyze the user and system activities.  Analyze system configurations and vulnerabilities.  Assess system and file. 4
INTRUSION DETECTION SYSTEM  Why should I use an IDS, especially when I already have firewalls, anti-virus tools, and other security protections on my system? DIVYA K, 1RN09IS016, RNSIT  Each security protection serves to address a particular security threat to your system.  Furthermore, each security protection has weak and strong points.  Only by combining them (this combination is sometimes called security in depth) we can protect from a realistic range of security attacks.  Firewalls serve as barrier mechanisms, barring entry to some kinds of network traffic and allowing others, based on a firewall policy.  IDSs serve as monitoring mechanisms, watching activities, and making decisions about whether the observed events are suspicious.  They can spot attackers circumventing firewalls and report them to system administrators, who can take steps to prevent damage. 5
CATEGORIES OF IDS  Misuse Detection vs Anomaly Detection:  In misuse detection, the IDS identifies illegal invasions and compares it to large DIVYA K, 1RN09IS016, RNSIT database of attack signatures.  In anomaly detection, the IDS. monitors the network segments and compare their state to the normal baseline to detect anomalies  Network-based vs Host-based Systems:  A network-based intrusion detection system (NIDS) identifies intrusions by examining network traffic and monitoring multiple hosts.  A host-based intrusion detection system examines the activity of each individual computer or host. 6
LIMITATIONS OF IDS  Individually, the web IDS and the database IDS can detect abnormal network traffic sent to either of them. DIVYA K, 1RN09IS016, RNSIT  However, it is found that these IDS cannot detect cases wherein normal traffic is used to attack the web server and the database server.  For example, if an attacker with non-admin privileges can log in to a web server using normal-user access credentials, he/she can find a way to issue a privileged database query by exploiting vulnerabilities in the web server.  DoubleGuard is a system used to detect attacks in multi-tiered web services.  This approach can create normality models of isolated user sessions that include both the web front-end (HTTP) and back-end (File or SQL) network transactions. 7
DOUBLE GUARD  Composes both web IDS and database IDS to achieve more accurate detection  It also uses a reverse HTTP proxy to maintain a reduced level of service in the presence DIVYA K, 1RN09IS016, RNSIT of false positives.  Instead of connecting to a database server, web applications will first connect to a database firewall. SQL queries are analyzed; if they’re deemed safe, they are then forwarded to the back-end database server.  GreenSQL software work as a reverse proxy for DB connections  Virtualization is used to isolate objects and enhance security performance.  CLAMP is an architecture for preventing data leaks even in the presence of attacks. 8
DIVYA K, 1RN09IS016, RNSIT 9 SYSTEM ARCHITECTURE
ATTACK SCENARIOS  Privilege Escalation Attack: DIVYA K, 1RN09IS016, RNSIT  Hijack Future Session Attack: 10
ATTACK SCENARIOS (CONTINUED…)  Injection Attack: DIVYA K, 1RN09IS016, RNSIT  Direct DB attack: 11
LIMITATIONS OF DOUBLE GUARD  Vulnerabilities Due to Improper Input Processing  Possibility Of Evading Double Guard DIVYA K, 1RN09IS016, RNSIT  Distributed DoS: 12
MAPPING RELATIONS  Deterministic mapping  Empty query set DIVYA K, 1RN09IS016, RNSIT  No matched request  Non-deterministic mapping 13
CONCLUSION  We presented an Intrusion Detection System that builds models for Multi-Tiered Web Applications From both Front-end(HTTP) and Back-end(SQL). DIVYA K, 1RN09IS016, RNSIT  Introduction Of Sensors in the Normality model, which alerts when there is an Attack.  Precise Anomaly detection using Lightweight Virtualization.  Double Guard was able to Identify wide range of attacks with minimal False positives.  Perfect Accuracy, with 0.6% false positives. 14
REFERENCES  www.sans.org/top-cyber-security-risks/  www.xenoclast.org/ DIVYA K, 1RN09IS016, RNSIT  www.cve.mitre.org/  www.greensql.net/  www.wordpress.org/  www.wikipedia.org/  C.Anley,Advanced Sql injection in sql server applications,2002.  K.bai,H.Wang and P.Liu, Towards database firewalls,2005.  M.Chritodorescu and S.Jha . Static analysis of executables to detect malicious pattern.  M.Cova,D.Balzarotti,G.vigna.Swaddler:An approach for anomaly detection of state violations in web application. 2007 15

Recommandé

Double guard detection project rreport
Double guard detection project rreportDouble guard detection project rreport
Double guard detection project rreportVenkatesan Sathish
 
Intrusion Detection System
Intrusion Detection SystemIntrusion Detection System
Intrusion Detection SystemDevil's Cafe
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detectionUmesh Dhital
 
Intrusion_Detection_By_loay_elbasyouni
Intrusion_Detection_By_loay_elbasyouniIntrusion_Detection_By_loay_elbasyouni
Intrusion_Detection_By_loay_elbasyouniLoay Elbasyouni
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection systemSweta Sharma
 
AN INTRUSION DETECTION SYSTEM
AN INTRUSION DETECTION SYSTEMAN INTRUSION DETECTION SYSTEM
AN INTRUSION DETECTION SYSTEMApoorv Pandey
 
Intrusion detection systems
Intrusion detection systemsIntrusion detection systems
Intrusion detection systemsSeraphic Nazir
 
Intrusion prevention systems
Intrusion prevention systemsIntrusion prevention systems
Intrusion prevention systemssamis
 

Recommandé

Double guard detection project rreport
Double guard detection project rreportDouble guard detection project rreport
Double guard detection project rreportVenkatesan Sathish
 
Intrusion Detection System
Intrusion Detection SystemIntrusion Detection System
Intrusion Detection SystemDevil's Cafe
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detectionUmesh Dhital
 
Intrusion_Detection_By_loay_elbasyouni
Intrusion_Detection_By_loay_elbasyouniIntrusion_Detection_By_loay_elbasyouni
Intrusion_Detection_By_loay_elbasyouniLoay Elbasyouni
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection systemSweta Sharma
 
AN INTRUSION DETECTION SYSTEM
AN INTRUSION DETECTION SYSTEMAN INTRUSION DETECTION SYSTEM
AN INTRUSION DETECTION SYSTEMApoorv Pandey
 
Intrusion detection systems
Intrusion detection systemsIntrusion detection systems
Intrusion detection systemsSeraphic Nazir
 
Intrusion prevention systems
Intrusion prevention systemsIntrusion prevention systems
Intrusion prevention systemssamis
 
A hybrid intrusion detection system for cloud computing environments
A hybrid intrusion detection system for cloud computing environmentsA hybrid intrusion detection system for cloud computing environments
A hybrid intrusion detection system for cloud computing environmentsMohamed Jelidi
 
Future Prediction: Network Intrusion Detection System in the cloud
Future Prediction: Network Intrusion Detection System in the cloudFuture Prediction: Network Intrusion Detection System in the cloud
Future Prediction: Network Intrusion Detection System in the cloudSedthakit Prasanphanich
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection systemRoshan Ranabhat
 
Intrusion Detection System
Intrusion Detection SystemIntrusion Detection System
Intrusion Detection SystemMohit Belwal
 
intrusion detection system (IDS)
intrusion detection system (IDS)intrusion detection system (IDS)
intrusion detection system (IDS)Aj Maurya
 
Intrusion Detection and Prevention System in an Enterprise Network
Intrusion Detection and Prevention System in an Enterprise NetworkIntrusion Detection and Prevention System in an Enterprise Network
Intrusion Detection and Prevention System in an Enterprise NetworkOkehie Collins
 
Intrusion detection and prevention system for network using Honey pots and Ho...
Intrusion detection and prevention system for network using Honey pots and Ho...Intrusion detection and prevention system for network using Honey pots and Ho...
Intrusion detection and prevention system for network using Honey pots and Ho...Eng. Mohammed Ahmed Siddiqui
 
Network Intrusion Detection System Using Snort
Network Intrusion Detection System Using SnortNetwork Intrusion Detection System Using Snort
Network Intrusion Detection System Using SnortDisha Bedi
 
Introduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for networkIntroduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for networkEng. Mohammed Ahmed Siddiqui
 
Ids(final)
Ids(final)Ids(final)
Ids(final)Not yet working. I am still studying
 
Five Major Types of Intrusion Detection System (IDS)
Five Major Types of Intrusion Detection System (IDS)Five Major Types of Intrusion Detection System (IDS)
Five Major Types of Intrusion Detection System (IDS)david rom
 
Intrusion Detection And Prevention
Intrusion Detection And PreventionIntrusion Detection And Prevention
Intrusion Detection And PreventionNicholas Davis
 
Introduction to IDS & IPS - Part 1
Introduction to IDS & IPS - Part 1Introduction to IDS & IPS - Part 1
Introduction to IDS & IPS - Part 1whitehat 'People'
 
Computer Security and Intrusion Detection(IDS/IPS)
Computer Security and Intrusion Detection(IDS/IPS)Computer Security and Intrusion Detection(IDS/IPS)
Computer Security and Intrusion Detection(IDS/IPS)LJ PROJECTS
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system pptSheetal Verma
 
Paper sharing_Edge based intrusion detection for IOT devices
Paper sharing_Edge based intrusion detection for IOT devicesPaper sharing_Edge based intrusion detection for IOT devices
Paper sharing_Edge based intrusion detection for IOT devicesYOU SHENG CHEN
 
Analysis and Design for Intrusion Detection System Based on Data Mining
Analysis and Design for Intrusion Detection System Based on Data MiningAnalysis and Design for Intrusion Detection System Based on Data Mining
Analysis and Design for Intrusion Detection System Based on Data MiningPritesh Ranjan
 
Using Genetic algorithm for Network Intrusion Detection
Using Genetic algorithm for Network Intrusion DetectionUsing Genetic algorithm for Network Intrusion Detection
Using Genetic algorithm for Network Intrusion DetectionSagar Uday Kumar
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection systemAAKASH S
 
Ijnsa050208
Ijnsa050208Ijnsa050208
Ijnsa050208IJNSA Journal
 
NETWORK SECURITY USING LINUX INTRUSION DETECTION SYSTEM
NETWORK SECURITY USING LINUX INTRUSION DETECTION SYSTEMNETWORK SECURITY USING LINUX INTRUSION DETECTION SYSTEM
NETWORK SECURITY USING LINUX INTRUSION DETECTION SYSTEMIJORCS
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection systemAkhil Kumar
 

Contenu connexe

Tendances

A hybrid intrusion detection system for cloud computing environments
A hybrid intrusion detection system for cloud computing environmentsA hybrid intrusion detection system for cloud computing environments
A hybrid intrusion detection system for cloud computing environmentsMohamed Jelidi
 
Future Prediction: Network Intrusion Detection System in the cloud
Future Prediction: Network Intrusion Detection System in the cloudFuture Prediction: Network Intrusion Detection System in the cloud
Future Prediction: Network Intrusion Detection System in the cloudSedthakit Prasanphanich
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection systemRoshan Ranabhat
 
Intrusion Detection System
Intrusion Detection SystemIntrusion Detection System
Intrusion Detection SystemMohit Belwal
 
intrusion detection system (IDS)
intrusion detection system (IDS)intrusion detection system (IDS)
intrusion detection system (IDS)Aj Maurya
 
Intrusion Detection and Prevention System in an Enterprise Network
Intrusion Detection and Prevention System in an Enterprise NetworkIntrusion Detection and Prevention System in an Enterprise Network
Intrusion Detection and Prevention System in an Enterprise NetworkOkehie Collins
 
Intrusion detection and prevention system for network using Honey pots and Ho...
Intrusion detection and prevention system for network using Honey pots and Ho...Intrusion detection and prevention system for network using Honey pots and Ho...
Intrusion detection and prevention system for network using Honey pots and Ho...Eng. Mohammed Ahmed Siddiqui
 
Network Intrusion Detection System Using Snort
Network Intrusion Detection System Using SnortNetwork Intrusion Detection System Using Snort
Network Intrusion Detection System Using SnortDisha Bedi
 
Introduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for networkIntroduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for networkEng. Mohammed Ahmed Siddiqui
 
Five Major Types of Intrusion Detection System (IDS)
Five Major Types of Intrusion Detection System (IDS)Five Major Types of Intrusion Detection System (IDS)
Five Major Types of Intrusion Detection System (IDS)david rom
 
Intrusion Detection And Prevention
Intrusion Detection And PreventionIntrusion Detection And Prevention
Intrusion Detection And PreventionNicholas Davis
 
Introduction to IDS & IPS - Part 1
Introduction to IDS & IPS - Part 1Introduction to IDS & IPS - Part 1
Introduction to IDS & IPS - Part 1whitehat 'People'
 
Computer Security and Intrusion Detection(IDS/IPS)
Computer Security and Intrusion Detection(IDS/IPS)Computer Security and Intrusion Detection(IDS/IPS)
Computer Security and Intrusion Detection(IDS/IPS)LJ PROJECTS
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system pptSheetal Verma
 
Paper sharing_Edge based intrusion detection for IOT devices
Paper sharing_Edge based intrusion detection for IOT devicesPaper sharing_Edge based intrusion detection for IOT devices
Paper sharing_Edge based intrusion detection for IOT devicesYOU SHENG CHEN
 
Analysis and Design for Intrusion Detection System Based on Data Mining
Analysis and Design for Intrusion Detection System Based on Data MiningAnalysis and Design for Intrusion Detection System Based on Data Mining
Analysis and Design for Intrusion Detection System Based on Data MiningPritesh Ranjan
 
Using Genetic algorithm for Network Intrusion Detection
Using Genetic algorithm for Network Intrusion DetectionUsing Genetic algorithm for Network Intrusion Detection
Using Genetic algorithm for Network Intrusion DetectionSagar Uday Kumar
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection systemAAKASH S
 

Tendances (19)

A hybrid intrusion detection system for cloud computing environments
A hybrid intrusion detection system for cloud computing environmentsA hybrid intrusion detection system for cloud computing environments
A hybrid intrusion detection system for cloud computing environments
 
Future Prediction: Network Intrusion Detection System in the cloud
Future Prediction: Network Intrusion Detection System in the cloudFuture Prediction: Network Intrusion Detection System in the cloud
Future Prediction: Network Intrusion Detection System in the cloud
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
 
Intrusion Detection System
Intrusion Detection SystemIntrusion Detection System
Intrusion Detection System
 
intrusion detection system (IDS)
intrusion detection system (IDS)intrusion detection system (IDS)
intrusion detection system (IDS)
 
Intrusion Detection and Prevention System in an Enterprise Network
Intrusion Detection and Prevention System in an Enterprise NetworkIntrusion Detection and Prevention System in an Enterprise Network
Intrusion Detection and Prevention System in an Enterprise Network
 
Intrusion detection and prevention system for network using Honey pots and Ho...
Intrusion detection and prevention system for network using Honey pots and Ho...Intrusion detection and prevention system for network using Honey pots and Ho...
Intrusion detection and prevention system for network using Honey pots and Ho...
 
Network Intrusion Detection System Using Snort
Network Intrusion Detection System Using SnortNetwork Intrusion Detection System Using Snort
Network Intrusion Detection System Using Snort
 
Introduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for networkIntroduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for network
 
Ids(final)
Ids(final)Ids(final)
Ids(final)
 
Five Major Types of Intrusion Detection System (IDS)
Five Major Types of Intrusion Detection System (IDS)Five Major Types of Intrusion Detection System (IDS)
Five Major Types of Intrusion Detection System (IDS)
 
Intrusion Detection And Prevention
Intrusion Detection And PreventionIntrusion Detection And Prevention
Intrusion Detection And Prevention
 
Introduction to IDS & IPS - Part 1
Introduction to IDS & IPS - Part 1Introduction to IDS & IPS - Part 1
Introduction to IDS & IPS - Part 1
 
Computer Security and Intrusion Detection(IDS/IPS)
Computer Security and Intrusion Detection(IDS/IPS)Computer Security and Intrusion Detection(IDS/IPS)
Computer Security and Intrusion Detection(IDS/IPS)
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system ppt
 
Paper sharing_Edge based intrusion detection for IOT devices
Paper sharing_Edge based intrusion detection for IOT devicesPaper sharing_Edge based intrusion detection for IOT devices
Paper sharing_Edge based intrusion detection for IOT devices
 
Analysis and Design for Intrusion Detection System Based on Data Mining
Analysis and Design for Intrusion Detection System Based on Data MiningAnalysis and Design for Intrusion Detection System Based on Data Mining
Analysis and Design for Intrusion Detection System Based on Data Mining
 
Using Genetic algorithm for Network Intrusion Detection
Using Genetic algorithm for Network Intrusion DetectionUsing Genetic algorithm for Network Intrusion Detection
Using Genetic algorithm for Network Intrusion Detection
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
 

Similaire à Double guard

NETWORK SECURITY USING LINUX INTRUSION DETECTION SYSTEM
NETWORK SECURITY USING LINUX INTRUSION DETECTION SYSTEMNETWORK SECURITY USING LINUX INTRUSION DETECTION SYSTEM
NETWORK SECURITY USING LINUX INTRUSION DETECTION SYSTEMIJORCS
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection systemAkhil Kumar
 
Efficient String Matching Algorithm for Intrusion Detection
Efficient String Matching Algorithm for Intrusion DetectionEfficient String Matching Algorithm for Intrusion Detection
Efficient String Matching Algorithm for Intrusion Detectioneditor1knowledgecuddle
 
SECURITY THREATS IN SENSOR NETWORK IN IOT: A SURVEY
SECURITY THREATS IN SENSOR NETWORK IN IOT: A SURVEYSECURITY THREATS IN SENSOR NETWORK IN IOT: A SURVEY
SECURITY THREATS IN SENSOR NETWORK IN IOT: A SURVEYJournal For Research
 
Optimized Intrusion Detection System using Deep Learning Algorithm
Optimized Intrusion Detection System using Deep Learning AlgorithmOptimized Intrusion Detection System using Deep Learning Algorithm
Optimized Intrusion Detection System using Deep Learning Algorithmijtsrd
 
Network Based Intrusion Detection and Prevention Systems: Attack Classificati...
Network Based Intrusion Detection and Prevention Systems: Attack Classificati...Network Based Intrusion Detection and Prevention Systems: Attack Classificati...
Network Based Intrusion Detection and Prevention Systems: Attack Classificati...researchinventy
 
INTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARD
INTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARDINTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARD
INTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARDIJCI JOURNAL
 
Hybrid Intrusion Detection System using Weighted Signature Generation over An...
Hybrid Intrusion Detection System using Weighted Signature Generation over An...Hybrid Intrusion Detection System using Weighted Signature Generation over An...
Hybrid Intrusion Detection System using Weighted Signature Generation over An...Editor IJMTER
 
Automatic Intrusion Detection based on Artificial Intelligence Techniques: A ...
Automatic Intrusion Detection based on Artificial Intelligence Techniques: A ...Automatic Intrusion Detection based on Artificial Intelligence Techniques: A ...
Automatic Intrusion Detection based on Artificial Intelligence Techniques: A ...IRJET Journal
 
Analysis of Artificial Intelligence Techniques for Network Intrusion Detectio...
Analysis of Artificial Intelligence Techniques for Network Intrusion Detectio...Analysis of Artificial Intelligence Techniques for Network Intrusion Detectio...
Analysis of Artificial Intelligence Techniques for Network Intrusion Detectio...IIJSRJournal
 
IRJET - IDS for Wifi Security
IRJET - IDS for Wifi SecurityIRJET - IDS for Wifi Security
IRJET - IDS for Wifi SecurityIRJET Journal
 
A Secure Intrusion Detection System against DDOS Attack in Wireless Ad-Hoc Ne...
A Secure Intrusion Detection System against DDOS Attack in Wireless Ad-Hoc Ne...A Secure Intrusion Detection System against DDOS Attack in Wireless Ad-Hoc Ne...
A Secure Intrusion Detection System against DDOS Attack in Wireless Ad-Hoc Ne...IJERA Editor
 
Survey on Host and Network Based Intrusion Detection System
Survey on Host and Network Based Intrusion Detection SystemSurvey on Host and Network Based Intrusion Detection System
Survey on Host and Network Based Intrusion Detection SystemEswar Publications
 
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...IJCSIS Research Publications
 
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...IJNSA Journal
 
Detection &Amp; Prevention Systems
Detection &Amp; Prevention SystemsDetection &Amp; Prevention Systems
Detection &Amp; Prevention SystemsAlison Hall
 

Similaire à Double guard (20)

Ijnsa050208
Ijnsa050208Ijnsa050208
Ijnsa050208
 
NETWORK SECURITY USING LINUX INTRUSION DETECTION SYSTEM
NETWORK SECURITY USING LINUX INTRUSION DETECTION SYSTEMNETWORK SECURITY USING LINUX INTRUSION DETECTION SYSTEM
NETWORK SECURITY USING LINUX INTRUSION DETECTION SYSTEM
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
 
Ijnsa050214
Ijnsa050214Ijnsa050214
Ijnsa050214
 
Efficient String Matching Algorithm for Intrusion Detection
Efficient String Matching Algorithm for Intrusion DetectionEfficient String Matching Algorithm for Intrusion Detection
Efficient String Matching Algorithm for Intrusion Detection
 
SECURITY THREATS IN SENSOR NETWORK IN IOT: A SURVEY
SECURITY THREATS IN SENSOR NETWORK IN IOT: A SURVEYSECURITY THREATS IN SENSOR NETWORK IN IOT: A SURVEY
SECURITY THREATS IN SENSOR NETWORK IN IOT: A SURVEY
 
Describe firewalls
Describe firewallsDescribe firewalls
Describe firewalls
 
Optimized Intrusion Detection System using Deep Learning Algorithm
Optimized Intrusion Detection System using Deep Learning AlgorithmOptimized Intrusion Detection System using Deep Learning Algorithm
Optimized Intrusion Detection System using Deep Learning Algorithm
 
Network Based Intrusion Detection and Prevention Systems: Attack Classificati...
Network Based Intrusion Detection and Prevention Systems: Attack Classificati...Network Based Intrusion Detection and Prevention Systems: Attack Classificati...
Network Based Intrusion Detection and Prevention Systems: Attack Classificati...
 
INTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARD
INTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARDINTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARD
INTRUSION DETECTION IN MULTITIER WEB APPLICATIONS USING DOUBLEGUARD
 
Hybrid Intrusion Detection System using Weighted Signature Generation over An...
Hybrid Intrusion Detection System using Weighted Signature Generation over An...Hybrid Intrusion Detection System using Weighted Signature Generation over An...
Hybrid Intrusion Detection System using Weighted Signature Generation over An...
 
Automatic Intrusion Detection based on Artificial Intelligence Techniques: A ...
Automatic Intrusion Detection based on Artificial Intelligence Techniques: A ...Automatic Intrusion Detection based on Artificial Intelligence Techniques: A ...
Automatic Intrusion Detection based on Artificial Intelligence Techniques: A ...
 
Analysis of Artificial Intelligence Techniques for Network Intrusion Detectio...
Analysis of Artificial Intelligence Techniques for Network Intrusion Detectio...Analysis of Artificial Intelligence Techniques for Network Intrusion Detectio...
Analysis of Artificial Intelligence Techniques for Network Intrusion Detectio...
 
IRJET - IDS for Wifi Security
IRJET - IDS for Wifi SecurityIRJET - IDS for Wifi Security
IRJET - IDS for Wifi Security
 
J1802056063
J1802056063J1802056063
J1802056063
 
A Secure Intrusion Detection System against DDOS Attack in Wireless Ad-Hoc Ne...
A Secure Intrusion Detection System against DDOS Attack in Wireless Ad-Hoc Ne...A Secure Intrusion Detection System against DDOS Attack in Wireless Ad-Hoc Ne...
A Secure Intrusion Detection System against DDOS Attack in Wireless Ad-Hoc Ne...
 
Survey on Host and Network Based Intrusion Detection System
Survey on Host and Network Based Intrusion Detection SystemSurvey on Host and Network Based Intrusion Detection System
Survey on Host and Network Based Intrusion Detection System
 
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...
 
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...
 
Detection &Amp; Prevention Systems
Detection &Amp; Prevention SystemsDetection &Amp; Prevention Systems
Detection &Amp; Prevention Systems
 

Dernier

Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxnegromaestrong
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Shubhangi Sonawane
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfAyushMahapatra5
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPoojaSen20
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxAreebaZafar22
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfChris Hunter
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxRamakrishna Reddy Bijjam
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptxMaritesTamaniVerdade
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701bronxfugly43
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.MaryamAhmad92
 
Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxVishalSingh1417
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...christianmathematics
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxDenish Jangid
 

Dernier (20)

Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docx
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Asian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptxAsian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptx
 
Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptx
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 

Double guard

  • 1. 1
  • 2. ABSTRACT  Internet services and applications  Increase in application and data complexity  Multi-tier web application design (1-tier, 2-tier and 3-tier)  Intrusions - any set of actions that attempt to compromise the integrity, confidentiality, or DIVYA K, 1RN09IS016, RNSIT availability of a resource  IDS - Intrusion Detection System:  a device or software application that monitors network and/or system activities for malicious activities or policy violations and produces reports to a Management Station  Limitation - Detecting newly published attacks or variants of existing attacks. An Intrusion Detection System which manages both front and back end of the multi-tier design & exposes a wide range of attacks with 100% accuracy. 2
  • 3. AGENDA  Introduction  Intrusion Detection System DIVYA K, 1RN09IS016, RNSIT  Double Guard  Architecture  Attack Scenarios  Limitations  Conclusion  References 3  Acknowledgements
  • 4. Daily tasks, such as banking, travel, and social networking, are all done via the web.  Due to their ubiquitous use for personal and/or corporate data, web services have always DIVYA K, 1RN09IS016, RNSIT been the target of attacks.  These attacks have recently become more diverse, as attention has shifted from attacking the front-end to exploiting vulnerabilities of the web applications in order to corrupt the back-end database system  To protect multi-tiered web services, Intrusion detection systems (IDS) have been widely used to detect known attacks by matching misused traffic patterns or signatures.  Functions of an intrusion detection system are to:  Monitor and analyze the user and system activities.  Analyze system configurations and vulnerabilities.  Assess system and file. 4
  • 5. INTRUSION DETECTION SYSTEM  Why should I use an IDS, especially when I already have firewalls, anti-virus tools, and other security protections on my system? DIVYA K, 1RN09IS016, RNSIT  Each security protection serves to address a particular security threat to your system.  Furthermore, each security protection has weak and strong points.  Only by combining them (this combination is sometimes called security in depth) we can protect from a realistic range of security attacks.  Firewalls serve as barrier mechanisms, barring entry to some kinds of network traffic and allowing others, based on a firewall policy.  IDSs serve as monitoring mechanisms, watching activities, and making decisions about whether the observed events are suspicious.  They can spot attackers circumventing firewalls and report them to system administrators, who can take steps to prevent damage. 5
  • 6. CATEGORIES OF IDS  Misuse Detection vs Anomaly Detection:  In misuse detection, the IDS identifies illegal invasions and compares it to large DIVYA K, 1RN09IS016, RNSIT database of attack signatures.  In anomaly detection, the IDS. monitors the network segments and compare their state to the normal baseline to detect anomalies  Network-based vs Host-based Systems:  A network-based intrusion detection system (NIDS) identifies intrusions by examining network traffic and monitoring multiple hosts.  A host-based intrusion detection system examines the activity of each individual computer or host. 6
  • 7. LIMITATIONS OF IDS  Individually, the web IDS and the database IDS can detect abnormal network traffic sent to either of them. DIVYA K, 1RN09IS016, RNSIT  However, it is found that these IDS cannot detect cases wherein normal traffic is used to attack the web server and the database server.  For example, if an attacker with non-admin privileges can log in to a web server using normal-user access credentials, he/she can find a way to issue a privileged database query by exploiting vulnerabilities in the web server.  DoubleGuard is a system used to detect attacks in multi-tiered web services.  This approach can create normality models of isolated user sessions that include both the web front-end (HTTP) and back-end (File or SQL) network transactions. 7
  • 8. DOUBLE GUARD  Composes both web IDS and database IDS to achieve more accurate detection  It also uses a reverse HTTP proxy to maintain a reduced level of service in the presence DIVYA K, 1RN09IS016, RNSIT of false positives.  Instead of connecting to a database server, web applications will first connect to a database firewall. SQL queries are analyzed; if they’re deemed safe, they are then forwarded to the back-end database server.  GreenSQL software work as a reverse proxy for DB connections  Virtualization is used to isolate objects and enhance security performance.  CLAMP is an architecture for preventing data leaks even in the presence of attacks. 8
  • 9. DIVYA K, 1RN09IS016, RNSIT 9 SYSTEM ARCHITECTURE
  • 10. ATTACK SCENARIOS  Privilege Escalation Attack: DIVYA K, 1RN09IS016, RNSIT  Hijack Future Session Attack: 10
  • 11. ATTACK SCENARIOS (CONTINUED…)  Injection Attack: DIVYA K, 1RN09IS016, RNSIT  Direct DB attack: 11
  • 12. LIMITATIONS OF DOUBLE GUARD  Vulnerabilities Due to Improper Input Processing  Possibility Of Evading Double Guard DIVYA K, 1RN09IS016, RNSIT  Distributed DoS: 12
  • 13. MAPPING RELATIONS  Deterministic mapping  Empty query set DIVYA K, 1RN09IS016, RNSIT  No matched request  Non-deterministic mapping 13
  • 14. CONCLUSION  We presented an Intrusion Detection System that builds models for Multi-Tiered Web Applications From both Front-end(HTTP) and Back-end(SQL). DIVYA K, 1RN09IS016, RNSIT  Introduction Of Sensors in the Normality model, which alerts when there is an Attack.  Precise Anomaly detection using Lightweight Virtualization.  Double Guard was able to Identify wide range of attacks with minimal False positives.  Perfect Accuracy, with 0.6% false positives. 14
  • 15. REFERENCES  www.sans.org/top-cyber-security-risks/  www.xenoclast.org/ DIVYA K, 1RN09IS016, RNSIT  www.cve.mitre.org/  www.greensql.net/  www.wordpress.org/  www.wikipedia.org/  C.Anley,Advanced Sql injection in sql server applications,2002.  K.bai,H.Wang and P.Liu, Towards database firewalls,2005.  M.Chritodorescu and S.Jha . Static analysis of executables to detect malicious pattern.  M.Cova,D.Balzarotti,G.vigna.Swaddler:An approach for anomaly detection of state violations in web application. 2007 15