Gregory Hanis, profile picture
Uploaded byGregory Hanis
PPTX, PDF959 views

security IDS

The CIA triangle outlines the three primary goals of information security: confidentiality, integrity, and availability. Confidentiality ensures that information is only available to authorized users, integrity ensures the accuracy and trustworthiness of information, and availability ensures that information is accessible when needed. These three principles form the basis of information security practices and help define how organizations should protect information assets from various threats.

Embed presentation

Downloaded 18 times
3 main points C.I.A.--related to hardware, software, and communications
    Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take (electronic, physical, etc...)[1] Two major aspects of information security are: IT security: Sometimes referred to as computer security, Information Technology Security is information security applied to technology (most often some form of computer system). It is worthwhile to note that a computer does not necessarily mean a home desktop. A computer is any device with a processor and some memory (even a calculator). IT security specialists are almost always found in any major enterprise/establishment due to the nature and value of the data within larger businesses. They are responsible for keeping all of the technology within the company secure from malicious cyber attacks that often attempt to breach into critical private information or gain control of the internal systems. Information assurance: The act of ensuring that data is not lost when critical issues arise. These issues include but are not limited to: natural disasters, computer/server malfunction, physical theft, or any other instance where data has the potential of being lost. Since most information is stored on computers in our modern era, information assurance is typically dealt with by IT security specialists. One of the most common methods of providing information assurance is to have an off-site backup of the data in case one of the mentioned issues arise.
 Information Security Attributes: or qualities, i.e., Confidentiality, Integrity and Availability (CIA). Information Systems are composed in three main portions, hardware, software and communications with the purpose to help identify and apply information security industry standards, as mechanisms of protection and prevention, at three levels or layers: physical, personal and organizational. Essentially, procedures or policies are implemented to tell people (administrators, users and operators) how to use products to ensure information security within the organizations.
  Confidentiality refers to preventing the disclosure of information to unauthorized individuals or systems. For example, a credit card transaction on the Internet requires the credit card number to be transmitted from the buyer to the merchant and from the merchant to a transaction processing network. The system attempts to enforce confidentiality by encrypting the card number during transmission, by limiting the places where it might appear (in databases, log files, backups, printed receipts, and so on), and by restricting access to the places where it is stored. If an unauthorized party obtains the card number in any way, a breach of confidentiality has occurred. Confidentiality is necessary for maintaining the privacy of the people whose personal information is held in the system.
 In information security, data integrity means maintaining and assuring the accuracy and consistency of data over its entire life-cycle.[16] This means that data cannot be modified in an unauthorized or undetected manner. This is not the same thing as referential integrity in databases, although it can be viewed as a special case of Consistency as understood in the classic ACID model of transaction processing. Integrity is violated when a message is actively modified in transit. Information security systems typically provide message integrity in addition to data confidentiality.
 For any information system to serve its purpose, the information must be available when it is needed. This means that the computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly. High availability systems aim to remain available at all times, preventing service disruptions due to power outages, hardware failures, and system upgrades. Ensuring availability also involves preventing denial-ofservice attacks, such as a flood of incoming messages to the target system essentially forcing it to shut down.
 In computing, e-Business, and information security, it is necessary to ensure that the data, transactions, communications or documents (electronic or physical) are genuine. It is also important for authenticity to validate that both parties involved are who they claim to be. Some information security systems incorporate authentication features such as "digital signatures", which give evidence that the message data is genuine and was sent by someone possessing the proper signing key.
  In law, non-repudiation implies one's intention to fulfill their obligations to a contract. It also implies that one party of a transaction cannot deny having received a transaction nor can the other party deny having sent a transaction. It is important to note that while technology such as cryptographic systems can assist in non-repudiation efforts, the concept is at its core a legal concept transcending the realm of technology. It is not, for instance, sufficient to show that the message matches a digital signature signed with the sender's private key, and thus only the sender could have sent the message and nobody else could have altered it in transit. The alleged sender could in return demonstrate that the digital signature algorithm is vulnerable or flawed, or allege or prove that his signing key has been compromised. The fault for these violations may or may not lie with the sender himself, and such assertions may or may not relieve the sender of liability, but the assertion would invalidate the claim that the signature necessarily proves authenticity and integrity and thus prevents repudiation.
  Information security analysts are information technology (IT) specialists who are accountable for safeguarding all data and communications that are stored and shared in network systems. In the financial industry, for example, information security analysts might continually upgrade firewalls that prohibit superfluous access to sensitive business data and might perform defencelessness tests to assess the effectiveness of security measures. Electronic commerce uses technology such as digital signatures and public key encryption to establish authenticity and non-repudiation.
CIA triangle known as security triad tells the primary goals of IS  Confidentiality Making sure that those who should not see information  Integrity Making sure that the information has not been changed from its original  Availability Making sure that the information is available for use when you need it
Threat Agent Confidentiality Information Assets Threat Integrity Availability Incident Prevention Damage Detection Correction* Recovery Safeguards * also called Aversion or Damage Control
Problem:  False positives are high with current automated IDS systems Solution:  Human detection
Problem:  Cost of human interaction monitoring one network 24-7 is not cost efficient (risk mitigation wise) Solution:  One human can monitor 100’s of networks simultaneously
Problem:  All current IDS hardware must be accessed by the user to configure or setup; Solution:  Plug in play technology
Problem:  Time intruder has access to network Solution:  Notification of compromised network to key people within seconds
Problem:  Scan all traffic causing latency and bottlenecks in network Solution:  Passive and aggressive scanning used to sniff traffic samples
Problem:  Cannot detect novel or unknown attacks Solution:  Anomaly detection methods to audit data, also using device specific traffic presence detection
Problem:  Space to hold data collected over a period of time during normal operation Solution:  Cloud based storage which allows collection and collaboration with all devices in play
Problem:  Locked into one method technique of detection Solution:  Use multiple techniques to detect
Problem:  Cost of hardware $1,000-$7,000 plus licenses Solution:  $24 cost for hardware to run device (store price)

More Related Content

PPT
Information Security
byDhilsath Fathima
 
PPT
Information security management v2010
byjoevest
 
PPTX
Aspects of data security
bySaranSwathi1
 
PPTX
Information security
byLusungu Mkandawire CISA,CISM,CGEIT,CPF,PRINCE2
 
PPT
Introduction to Information Security
byDr. Loganathan R
 
DOC
Information security
bySanjay Tiwari
 
PPTX
Information security ist lecture
byZara Nawaz
 
PDF
Ch19 E Commerce Security
byphanleson
 
Information Security
byDhilsath Fathima
 
Information security management v2010
byjoevest
 
Aspects of data security
bySaranSwathi1
 
Information security
byLusungu Mkandawire CISA,CISM,CGEIT,CPF,PRINCE2
 
Introduction to Information Security
byDr. Loganathan R
 
Information security
bySanjay Tiwari
 
Information security ist lecture
byZara Nawaz
 
Ch19 E Commerce Security
byphanleson
 

What's hot

PPTX
Data security
bySoumen Mondal
 
PDF
Information Security Management
byBhadra Gowdra
 
PPTX
Introduction to Network Security
byJohn Ely Masculino
 
PPTX
Computer security concepts
byPrachi Gulihar
 
PPTX
What every executive needs to know about information technology security
byLegal Services National Technology Assistance Project (LSNTAP)
 
DOCX
Data Security
byankita_kashyap
 
PPTX
what is data security full ppt
byShahbaz Khan
 
DOCX
Security architecture principles isys 0575general att
bySHIVA101531
 
PPT
Chapter 3: Information Security Framework
byNada G.Youssef
 
PPT
Introduction to information security
byKumawat Dharmpal
 
PPTX
Advanced Data Center Security
bymanoharparakh
 
PPTX
Data Security Explained
byHappiest Minds Technologies
 
PPT
Information security
byrazendar79
 
PDF
I0516064
byIOSR Journals
 
PDF
Siem requirement.pdfsd
byNorman Funzani Manenzhe
 
PPTX
Information Security
byAlok Katiyar
 
PDF
Data Security
byqmsWrapper
 
PPT
Threats of E-Commerce in Database
byMentalist Akram
 
PPTX
Introduction to information security
byKATHEESKUMAR S
 
PDF
Data Security
byMark Waltzer
 
Data security
bySoumen Mondal
 
Information Security Management
byBhadra Gowdra
 
Introduction to Network Security
byJohn Ely Masculino
 
Computer security concepts
byPrachi Gulihar
 
What every executive needs to know about information technology security
byLegal Services National Technology Assistance Project (LSNTAP)
 
Data Security
byankita_kashyap
 
what is data security full ppt
byShahbaz Khan
 
Security architecture principles isys 0575general att
bySHIVA101531
 
Chapter 3: Information Security Framework
byNada G.Youssef
 
Introduction to information security
byKumawat Dharmpal
 
Advanced Data Center Security
bymanoharparakh
 
Data Security Explained
byHappiest Minds Technologies
 
Information security
byrazendar79
 
I0516064
byIOSR Journals
 
Siem requirement.pdfsd
byNorman Funzani Manenzhe
 
Information Security
byAlok Katiyar
 
Data Security
byqmsWrapper
 
Threats of E-Commerce in Database
byMentalist Akram
 
Introduction to information security
byKATHEESKUMAR S
 
Data Security
byMark Waltzer
 

Similar to security IDS

PPTX
Information security principles
byDan Morrill
 
PDF
internet security and cyber lawUnit1
byRoyalzig Luxury Furniture
 
PDF
INFORMATION SECURITY: THREATS AND SOLUTIONS.
byNi
 
PPTX
Information Security and Indian IT Act 2000
byDr. Prashant Vats
 
DOCX
CCS354-NETWORK SECURITY-network-security notes
byKiruba buri R
 
DOCX
Unit 1 Information Security.docx
byPrernaThakwani
 
PPTX
Information Security Lecture One for Basic
byhassankhan978073
 
PDF
information security introduction for campus students.pdf
byhailegebrielgeta6
 
PDF
BAIT1103 Chapter 1
bylimsh
 
PPTX
c plus plus ssssssssssssssssssssssssssss
byASKMEDIA
 
PPTX
Chapter 1_Overview hhhhhhhhhhhhhhhhhhhhhhhhhh
byASKMEDIA
 
PPTX
ISM-CS5750-01.pptx
byRashidSahito1
 
PPTX
Data Network Security
byAtif Rehmat
 
PPTX
Lecture 5 Foundations of Computer Security.pptx
byjitendrachettri894
 
PPTX
Lecture 1 Introduction to Computer Security.pptx
byfarhanghafoor5
 
PPTX
IT.pptx
byRaaviKapoor
 
PDF
International Journal of Engineering Research and Development
byIJERD Editor
 
PDF
1 introit security
byricharddxd
 
PPTX
crisc_wk_5.pptx
bydotco
 
PPTX
security in is.pptx
byselvapriyabiher
 
Information security principles
byDan Morrill
 
internet security and cyber lawUnit1
byRoyalzig Luxury Furniture
 
INFORMATION SECURITY: THREATS AND SOLUTIONS.
byNi
 
Information Security and Indian IT Act 2000
byDr. Prashant Vats
 
CCS354-NETWORK SECURITY-network-security notes
byKiruba buri R
 
Unit 1 Information Security.docx
byPrernaThakwani
 
Information Security Lecture One for Basic
byhassankhan978073
 
information security introduction for campus students.pdf
byhailegebrielgeta6
 
BAIT1103 Chapter 1
bylimsh
 
c plus plus ssssssssssssssssssssssssssss
byASKMEDIA
 
Chapter 1_Overview hhhhhhhhhhhhhhhhhhhhhhhhhh
byASKMEDIA
 
ISM-CS5750-01.pptx
byRashidSahito1
 
Data Network Security
byAtif Rehmat
 
Lecture 5 Foundations of Computer Security.pptx
byjitendrachettri894
 
Lecture 1 Introduction to Computer Security.pptx
byfarhanghafoor5
 
IT.pptx
byRaaviKapoor
 
International Journal of Engineering Research and Development
byIJERD Editor
 
1 introit security
byricharddxd
 
crisc_wk_5.pptx
bydotco
 
security in is.pptx
byselvapriyabiher
 

More from Gregory Hanis

PPTX
IDS+Honeypots Making Security Simple
byGregory Hanis
 
PPTX
Anonymizers
byGregory Hanis
 
PPTX
Hacker bootcamp
byGregory Hanis
 
PPTX
Telehack: May the Command Line Live Forever
byGregory Hanis
 
PDF
Javascript Deofuscation A manual Approach
byGregory Hanis
 
PPTX
To cert or not to cert
byGregory Hanis
 
PPT
Intrusion Detection
byGregory Hanis
 
DOCX
Penetration testing is a field which has experienced rapid growth over the years
byGregory Hanis
 
PPTX
Pm final project
byGregory Hanis
 
TXT
Suncoastscam
byGregory Hanis
 
TXT
Linuxserver harden
byGregory Hanis
 
PDF
Oop in php_tutorial
byGregory Hanis
 
PPTX
Windows great again
byGregory Hanis
 
PDF
Rollingstone greghanis
byGregory Hanis
 
IDS+Honeypots Making Security Simple
byGregory Hanis
 
Anonymizers
byGregory Hanis
 
Hacker bootcamp
byGregory Hanis
 
Telehack: May the Command Line Live Forever
byGregory Hanis
 
Javascript Deofuscation A manual Approach
byGregory Hanis
 
To cert or not to cert
byGregory Hanis
 
Intrusion Detection
byGregory Hanis
 
Penetration testing is a field which has experienced rapid growth over the years
byGregory Hanis
 
Pm final project
byGregory Hanis
 
Suncoastscam
byGregory Hanis
 
Linuxserver harden
byGregory Hanis
 
Oop in php_tutorial
byGregory Hanis
 
Windows great again
byGregory Hanis
 
Rollingstone greghanis
byGregory Hanis
 

Recently uploaded

PDF
Cybersecurity: Safeguarding Digital Assets
byYasir Naveed Riaz
 
PPTX
AI in Cybersecurity: Digital Defense by Yasir Naveed Riaz
byYasir Naveed Riaz
 
PDF
Day 2 - Network Security ~ 2nd Sight Lab ~ Cloud Security Class ~ 2020
by2nd Sight Lab
 
PDF
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
PDF
Real-Time Data Insight Using Microsoft Forms for Business
byElevate
 
PDF
Data Virtualization in Action: Scaling APIs and Apps with FME
bySafe Software
 
PDF
Eredità digitale sugli smartphone: cosa resta di noi nei dispositivi mobili
bySpeck&Tech
 
PPTX
From Backup to Resilience: How MSPs Are Preparing for 2026
byMSP360
 
PDF
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PDF
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
PPTX
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
PPTX
Coded Agents – with UiPath SDK + LangGraph [Virtual Hands-on Workshop]
byUiPathCommunity
 
PDF
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
PDF
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
PDF
Dev Dives: AI that builds with you - UiPath Autopilot for effortless RPA & AP...
byUiPathCommunity
 
PPTX
Cloud-and-AI-Platform-FY26-Partner-Playbook.pptx
byiuiuiuiu1
 
PPTX
DYNAMICALLY.pptx good for the teachers or students to do seminars and for tea...
bympoorvika031
 
PDF
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 
PPTX
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
Cybersecurity: Safeguarding Digital Assets
byYasir Naveed Riaz
 
AI in Cybersecurity: Digital Defense by Yasir Naveed Riaz
byYasir Naveed Riaz
 
Day 2 - Network Security ~ 2nd Sight Lab ~ Cloud Security Class ~ 2020
by2nd Sight Lab
 
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
Real-Time Data Insight Using Microsoft Forms for Business
byElevate
 
Data Virtualization in Action: Scaling APIs and Apps with FME
bySafe Software
 
Eredità digitale sugli smartphone: cosa resta di noi nei dispositivi mobili
bySpeck&Tech
 
From Backup to Resilience: How MSPs Are Preparing for 2026
byMSP360
 
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
Coded Agents – with UiPath SDK + LangGraph [Virtual Hands-on Workshop]
byUiPathCommunity
 
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
Dev Dives: AI that builds with you - UiPath Autopilot for effortless RPA & AP...
byUiPathCommunity
 
Cloud-and-AI-Platform-FY26-Partner-Playbook.pptx
byiuiuiuiu1
 
DYNAMICALLY.pptx good for the teachers or students to do seminars and for tea...
bympoorvika031
 
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 

security IDS

  • 1.
    3 main pointsC.I.A.--related to hardware, software, and communications
  • 2.
        Information security, sometimesshortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take (electronic, physical, etc...)[1] Two major aspects of information security are: IT security: Sometimes referred to as computer security, Information Technology Security is information security applied to technology (most often some form of computer system). It is worthwhile to note that a computer does not necessarily mean a home desktop. A computer is any device with a processor and some memory (even a calculator). IT security specialists are almost always found in any major enterprise/establishment due to the nature and value of the data within larger businesses. They are responsible for keeping all of the technology within the company secure from malicious cyber attacks that often attempt to breach into critical private information or gain control of the internal systems. Information assurance: The act of ensuring that data is not lost when critical issues arise. These issues include but are not limited to: natural disasters, computer/server malfunction, physical theft, or any other instance where data has the potential of being lost. Since most information is stored on computers in our modern era, information assurance is typically dealt with by IT security specialists. One of the most common methods of providing information assurance is to have an off-site backup of the data in case one of the mentioned issues arise.
  • 4.
     Information Security Attributes:or qualities, i.e., Confidentiality, Integrity and Availability (CIA). Information Systems are composed in three main portions, hardware, software and communications with the purpose to help identify and apply information security industry standards, as mechanisms of protection and prevention, at three levels or layers: physical, personal and organizational. Essentially, procedures or policies are implemented to tell people (administrators, users and operators) how to use products to ensure information security within the organizations.
  • 5.
      Confidentiality refers topreventing the disclosure of information to unauthorized individuals or systems. For example, a credit card transaction on the Internet requires the credit card number to be transmitted from the buyer to the merchant and from the merchant to a transaction processing network. The system attempts to enforce confidentiality by encrypting the card number during transmission, by limiting the places where it might appear (in databases, log files, backups, printed receipts, and so on), and by restricting access to the places where it is stored. If an unauthorized party obtains the card number in any way, a breach of confidentiality has occurred. Confidentiality is necessary for maintaining the privacy of the people whose personal information is held in the system.
  • 6.
     In information security,data integrity means maintaining and assuring the accuracy and consistency of data over its entire life-cycle.[16] This means that data cannot be modified in an unauthorized or undetected manner. This is not the same thing as referential integrity in databases, although it can be viewed as a special case of Consistency as understood in the classic ACID model of transaction processing. Integrity is violated when a message is actively modified in transit. Information security systems typically provide message integrity in addition to data confidentiality.
  • 7.
     For any informationsystem to serve its purpose, the information must be available when it is needed. This means that the computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly. High availability systems aim to remain available at all times, preventing service disruptions due to power outages, hardware failures, and system upgrades. Ensuring availability also involves preventing denial-ofservice attacks, such as a flood of incoming messages to the target system essentially forcing it to shut down.
  • 8.
     In computing, e-Business,and information security, it is necessary to ensure that the data, transactions, communications or documents (electronic or physical) are genuine. It is also important for authenticity to validate that both parties involved are who they claim to be. Some information security systems incorporate authentication features such as "digital signatures", which give evidence that the message data is genuine and was sent by someone possessing the proper signing key.
  • 9.
      In law, non-repudiationimplies one's intention to fulfill their obligations to a contract. It also implies that one party of a transaction cannot deny having received a transaction nor can the other party deny having sent a transaction. It is important to note that while technology such as cryptographic systems can assist in non-repudiation efforts, the concept is at its core a legal concept transcending the realm of technology. It is not, for instance, sufficient to show that the message matches a digital signature signed with the sender's private key, and thus only the sender could have sent the message and nobody else could have altered it in transit. The alleged sender could in return demonstrate that the digital signature algorithm is vulnerable or flawed, or allege or prove that his signing key has been compromised. The fault for these violations may or may not lie with the sender himself, and such assertions may or may not relieve the sender of liability, but the assertion would invalidate the claim that the signature necessarily proves authenticity and integrity and thus prevents repudiation.
  • 10.
      Information security analystsare information technology (IT) specialists who are accountable for safeguarding all data and communications that are stored and shared in network systems. In the financial industry, for example, information security analysts might continually upgrade firewalls that prohibit superfluous access to sensitive business data and might perform defencelessness tests to assess the effectiveness of security measures. Electronic commerce uses technology such as digital signatures and public key encryption to establish authenticity and non-repudiation.
  • 11.
    CIA triangle knownas security triad tells the primary goals of IS  Confidentiality Making sure that those who should not see information  Integrity Making sure that the information has not been changed from its original  Availability Making sure that the information is available for use when you need it
  • 12.
  • 13.
    Problem:  False positivesare high with current automated IDS systems Solution:  Human detection
  • 14.
    Problem:  Cost ofhuman interaction monitoring one network 24-7 is not cost efficient (risk mitigation wise) Solution:  One human can monitor 100’s of networks simultaneously
  • 15.
    Problem:  All currentIDS hardware must be accessed by the user to configure or setup; Solution:  Plug in play technology
  • 16.
    Problem:  Time intruderhas access to network Solution:  Notification of compromised network to key people within seconds
  • 17.
    Problem:  Scan alltraffic causing latency and bottlenecks in network Solution:  Passive and aggressive scanning used to sniff traffic samples
  • 18.
    Problem:  Cannot detectnovel or unknown attacks Solution:  Anomaly detection methods to audit data, also using device specific traffic presence detection
  • 19.
    Problem:  Space tohold data collected over a period of time during normal operation Solution:  Cloud based storage which allows collection and collaboration with all devices in play
  • 20.
    Problem:  Locked intoone method technique of detection Solution:  Use multiple techniques to detect
  • 21.
    Problem:  Cost ofhardware $1,000-$7,000 plus licenses Solution:  $24 cost for hardware to run device (store price)

Editor's Notes

  • #16 which results in reverse engineering to find security holes.---------disable access to hardware no way to interface or change
  • #19 If something on the network scans the ids it will cause alarms, therefore preventingThe network to be scanned.
  • #20 Remote management/montoring