The document discusses intruder detection techniques. It describes intruder detection as identifying the person behind an attack by analyzing their computational behavior. It outlines that intruder detection aims to determine if an intruder has gained unauthorized access to a system. Some techniques mentioned for detecting intruders include analyzing keystroke dynamics, command sequences, IP addresses, and ports used. The document also briefly discusses the history and purpose of intruder detection systems, as well as methods for preventing intruders.

1. Presentation On
Intruders Detection

2. Intruders Detection
Intruder detection is the art of detecting intruders
behind attacks as unique persons. This technique tries to
identify the person behind an attack by analyzing their
computational behavior

3. Need Of Intruder Detection
Determining whether an intruder has
gain or has attempted to gain
unauthorized access to the system
Two groups of intruders:
External
Internal

4. Some Techniques
 Keystrokes Dynamics
 Command Used
 Command Sequence
 IP Address Used
 ISP
 Country, City
 Ports Used

5. Keystrokes Dynamics
Keystroke Dynamics is paramount in Intruder Detection
techniques because it is the only parameter that has been
classified as a real 'behavioural biometric pattern'.
Keystroke dynamics analyze times between keystrokes
issued in a computer keyboard or cellular phone keypad
searching for patterns. First techniques used statistics and
probability concepts like 'standard deviations' and
'Mean', later approaches use data mining, neural
networks, Support Vector Machine, etc.

6. Intruder Detection System
 First became needed in late 70s
 Originally used with single systems
 OS produced audit records that were
process by the IDS
 IDS has expanded to distributed
systems and networks

7. Intruder Prevention
 Requiring passwords to be submitted
Thanks
before users can access the system
 Fixing or
vulnerabilities
patching known
 Blocking network access
 Restricting physical access