EC2035 Cryptography and Network Security - Lecture Notes for Unit 5 - Edition 2014

0
Anna University Logo
university:anna university
year:4th
sem:07
dept:ece
subject code:EC2035
subject:cryptography and network security
content:EC2035-cryptography and network security-lecture notes for unit 5-edition 2014

INTRUDERS 

One of the publicized threats to security is the intruders generally referred to as hackers or crackers.

There are three classes of intruders 
• Significant issue for networked systems is hostile or unwanted access either via network or local. 
• Can identify classes of intruders 

Masquerader: - An individual who is not authorized to use the computer and who penetrates a system’s access controls to exploit a legitimate user’s account.

Misfeasor: - A legitimate user who accesses data, program, or resources for  which such access is not authorized, or who is authorized for  such access but misuse his or her privileges. 

Clandestine user: - An individual who seizes supervisory control of the system 
 and uses this control to evade auditing and access controls  or to suppress audit collection 

Intrusion Techniques 
• Aim to increase privileges on system 
• Basic attack methodology 
– Target acquisition and information gathering 
– Initial access 
– Privilege escalation 
– Covering tracks 
• Key goal often is to acquire passwords so then exercise access rights of owner 

Intrusion Detection 
• Inevitably will have security failures 
• So need also to detect intrusions so can 
– Block if detected quickly act as deterrent 
– Collect info to improve security 
• Assume intruder will behave differently to a legitimate user 
– But will have imperfect distinction between 

Attachment link:

.pdf   UNIT-5 peri.pdf (Size: 779.31 KB / Downloads: 1,164)
mohanavalli, proud to be a member of Vidyarthiplus.com (V+) - Online Students Community since Nov 2012.