第九章 Intruders 电子商务信息安全与管理教学课件.pptVIP

* * * * * * 戎 玫 2008－3 Outline Intruders Intrusion Detection Techniques Statistical Anomaly Rule Based Detection Password management Password Protection Password Selection Strategies Recommended Reading and WEB Sites Intruders Three classes of intruders (hackers or crackers): Masquerader(假冒用户)- unauthorized individual who exploits legitimate user’s account (outsider) Misfeasor(违法用户)- legitimate user, who misuses his or her privileges (insider) Clandestine(隐秘用户) user- individual who seizes(获取) supervisory control and uses it to evade(躲避) auditing or access controls (insider or outsider) Techniques used for intrusion → examine ways to detect intrusion → password-based approaches to intrusion prevention Intrusion Techniques Objective: Gain access to a system Frequent Goal: Acquiring a user password Most systems have a file that maps a password to each user Password file protection: one-way encryption access control Password Learning Techniques Try default passwords used with standard accounts shipped with the system Exhaustive try of all short passwords Try words in system’s dictionary or list of likely passwords (hacker bulletin boards) Collect information about users (full names, names of spouses and children, pictures and books in their office, related hobbies) Try users’ phone numbers, social security numbers, room numbers Try all legitimate license plate numbers Use a trojan horse Tap(分接) the line between a remote user and the system g u e s s a t t a c k Intrusion Detection Second line of defense (firewall is 1st) Quick detection - minimize damage and quicker recovery Deterrent(威慑) - an effective intrusion detection system helps to prevent intrusions Collection of techniques - information about intrusion techniques leads to stronger prevention facility Basic Assumption: Behavior of the intruder differs from legitimate user in quantifiable ways Intruder Authorized User Behavior False Positive – authorized users identified as intrudersF