Risk Management — Visual IDS Countermeasures

Published in: Economy & Finance, Technology

  1. Risk management — visual IDS countermeasures. H. Read, A. Blyth. BT Technology Journal. London: Jan 2007. Vol. 25, Iss. 1; p. 201 (7 pages)
  2. Ecommerce Risk Management
       • CM – Countermeasure
       • IDS – Intrusion Detection Systems
       • Main need for IDS – to combat intrusions into sensitive company information.
           • This could lead to tangible losses of revenue and reputation.
           • Also – to safeguard consumer information
  3. Problem?
       • Too much information. Information overload.
       • Once linked – the site sends data but also receives data.
           • Strategy – when an on-line company receives “unusual” data (contains malicious code) – there needs to be a contingency plan to minimize damage.
               • Need preventive and detective measures
  4.
       • IDS – used to log and characterize events for future examination and lessons learned.
           • This leads to incompatible data
           • Too much data is sifted and stored
  5. Solution
       • Visualization
           • Use of interoperable visualization tools cuts down on the amount of information gathered when trying to combat unauthorized users (hackers, disgruntled employees, industrial espionage).
           • This makes the identification process easier
  6. Visualization tools: What do they do?
       • These tools adhere to a framework that allows interoperability and independence for any type of database.
       • Graphing can show trends and show anomalies
       • Effective visualization tools should reduce the quantity of false positive events
  7. IDS DATA
       • Geographical data – physical location of attack (can be found by IP address)
       • Logical Data – IP addresses, DNS names, MAC addresses, host names. This is where the attack virtually took place.
       • Temporal Data – Date and time of attack
  8. Page 205, Risk Management
  9. Time range elaborated
       • Real time – displays attack info as it occurs
       • Analytical – groups attacks per event (such as denial of service attack)
       • Informational – attacks when discovered, “show rich full pictures”
  10. Summary
       • Importance of interoperability
       • Visualization makes for easy identification of an attack
       • Visualization helps to combat future attacks
       • Importance of real-time and adequate detail
  11. What does this mean to the consumer and ecommerce?
       • Ecommerce is the wave of NOW. The future is now. One day all commerce may be done virtually.
       • Adequate safeguards protect the customer as well as the vendor
       • Uniformity and adherence to standards are critical to upholding ecommerce continuity
  12. Questions
       • Why do these in-depth methods need to adhere to a standard?
       • Do these countermeasures make you, the consumer, feel safer?
       • Will you feel comfortable in the future using ecommerce exclusively?
       • Do you care about this now? Or do you feel safe with “trusted sites”?
