Ngoc Nguyen
Access Control
Cryptography
Intrusion detection systems
Firewalls
Screening Routers
Router screens the information, allowing only approved information to pass through.
Requirements continually change, with more addresses required to be added to the allowable address lists.
Don't have user-level authentication protection.
As a result, spoofing, which means a packet looks like an authorized and legal one, breaches the firewall.
Proxy Servers
Employ user-level authentication.
Provide logging and accounting information (good for detecting intrusions and intrusion attempts).
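The contrast between the two firewall types above, as an added example (not from the original slides): a screening router that decides on the claimed source address alone passes a packet with a forged allowlisted address, while a proxy that also checks a per-user credential denies it and logs the attempt. The address range, user name, key and HMAC tag scheme are assumptions made for the illustration.

```python
import hashlib
import hmac
import ipaddress

# Constructed sample data (assumptions for this example, not from the slides).
ALLOWED_NETS = [ipaddress.ip_network("192.0.2.0/24")]  # allowable address list
USER_KEYS = {"alice": b"constructed-demo-key"}          # per-user secret

def screening_router(packet):
    """Address-only decision: pass if the claimed source is on the allowlist."""
    src = ipaddress.ip_address(packet["src"])
    return any(src in net for net in ALLOWED_NETS)

def sign(user, payload, key):
    """Tag binding the payload to a user (hypothetical credential scheme)."""
    return hmac.new(key, user.encode() + b"|" + payload, hashlib.sha256).hexdigest()

def proxy_server(packet, log):
    """Address check plus user-level authentication; every decision is logged."""
    user = packet.get("user")
    key = USER_KEYS.get(user)
    ok = (screening_router(packet)
          and key is not None
          and hmac.compare_digest(packet.get("tag", ""),
                                  sign(user, packet["payload"], key)))
    log.append((packet["src"], user, "ALLOW" if ok else "DENY"))
    return ok

def demo():
    legit = {"src": "192.0.2.10", "user": "alice", "payload": b"GET /report"}
    legit["tag"] = sign("alice", legit["payload"], USER_KEYS["alice"])
    # Constructed spoofed packet: claims an allowlisted source address but
    # carries no valid user credential.
    spoofed = {"src": "192.0.2.10", "user": "alice",
               "payload": b"GET /report", "tag": "0" * 64}
    log = []
    return {
        "router_legit": screening_router(legit),
        "router_spoofed": screening_router(spoofed),  # passes: address only
        "proxy_legit": proxy_server(legit, log),
        "proxy_spoofed": proxy_server(spoofed, log),  # denied and logged
        "log": log,
    }

if __name__ == "__main__":
    print(demo())
```

The DENY entry in the log is the record an analyst would review when looking for intrusion attempts.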
Stateful Inspectors
Inspect packets to verify application, user, and transportation method to investigate the possibility of harmful viruses hiding in audio or video packets.
Application must be continually updated to recognize new viruses or intrusive applets.
PAIM (cont.)
The fuzzy engine will compute two graphs, template and user action. The template graph represents typical actions of a user (hacker) when carrying out eight steps of generic hacking methodology. The user action graph represents actual actions of the user (hacker) on the system.
PAIM's operations
Maps the template and user action graphs against each other to determine whether a user (hacker) is performing a hacking attempt, which is indicated by a match between the two graphs.
Sends an alert message on the hacking attempt to the information security officer at the security working station.
Collects data from the hacker's actions for later use in court prosecution.