New Directions in Network Intrusion Detection

10/16/98




Table of Contents

New Directions in Network Intrusion Detection

does security matter?

when will it matter?

houston, we have a problem...

system vulnerabilities

security incidents reported to CERT

who is the enemy?

d’oh!

publish or perish or, good help is not hard to find

the never-ending game

the rest of my talk

securing your system the quick & easy way

firewalls (not as good as bolt cutters, but…)

typical firewall setup

the firewall setup

firewall politics

big brother is watching

thoughts on bro

subverting bro (we’ll start with the easy ones)

reconstructing flows

fun with fragments

more fragment fun

trickery

is bro useless?

the reverse approach

the immune system

getting to know yourself

applying the method

system call traces

database in training

the normal database

results

discussion

related work

bringing it all together

my idea

more on my idea

problems with my idea

that’s all, folks!

backup slides for answering questions

it hasn’t leveled off

the smurf attack

buffer overflows on the stack

buffer overflows on the stack

Author: Jeremy Elson

Email: jelson@usc.edu

Home Page: http://www.circlemud.org/~jelson
