year:4th
sem:07
dept:ece
subject code:EC2035
subject:cryptography and network security
content:EC2035-cryptography and network security-lecture notes for unit 5-edition 2014
INTRUDERS
One of the publicized threats to security is the intruders generally referred to as hackers or crackers.
There are three classes of intruders
• Significant issue for networked systems is hostile or unwanted access either via network or local.
• Can identify classes of intruders
Masquerader: - An individual who is not authorized to use the computer and who penetrates a system’s access controls to exploit a legitimate user’s account.
Misfeasor: - A legitimate user who accesses data, program, or resources for which such access is not authorized, or who is authorized for such access but misuse his or her privileges.
Clandestine user: - An individual who seizes supervisory control of the system
and uses this control to evade auditing and access controls or to suppress audit collection
Intrusion Techniques
• Aim to increase privileges on system
• Basic attack methodology
– Target acquisition and information gathering
– Initial access
– Privilege escalation
– Covering tracks
• Key goal often is to acquire passwords so then exercise access rights of owner
Intrusion Detection
• Inevitably will have security failures
• So need also to detect intrusions so can
– Block if detected quickly act as deterrent
– Collect info to improve security
• Assume intruder will behave differently to a legitimate user
– But will have imperfect distinction between
Attachment link:
