Malicious Code and Intruders
Dr. Ron Rymon, Efi Arazi School of Computer Science, IDC, Herzliya, 2007/8
Pre-requisite: Basic Cryptography, Authentication
Overview: Malicious Code (Viruses); Intrusion Detection and Prevention; Denial of Service
Main Sources: Stallings, F-Secure
Need Host Program
Most current malicious code mixes some or all types
Bowles and Pelaez
(source: F-secure white paper)
Main Sources: Network Intrusion Detection / Northcutt, Novak
The Honeynet Project
Main Sources: CMU CERT, Riverhead, Northcutt et al
Per-flow queues and aggregate rate limits
Block spoofed packets: TCP, DNS, UDP
Filter: drop non-essential traffic (e.g., ICMP and UDP where they are not needed)
Rate-limit per flow, measured against a baseline of normal traffic
1 to 1000s of dynamic filters, keyed by flow, protocol, ...
DDoS traffic shaping