Lecture 28: June 2, 2021

Reading: text, §23.10, 26.1–26.3
Due: Homework 5, due June 2; Lab 4, due June 3


  1. Defenses
    1. Scanning
    2. Distinguishing between data and instructions
    3. Containment
    4. Specifications as restrictions
    5. Limiting sharing
    6. Statistical analysis
    7. Trust

  2. Basic intrusion detection
    1. Basis
    2. Anomaly detection (“what is unexpected is bad”)
    3. Misuse (signature-based, rule-based) detection (“what is bad is known; everything else is good”)
    4. Specification-based detection (“what is good is known; everything else is bad”)
    5. Host-based intrusion detection
    6. Network-based intrusion detection
    7. Combined intrusion detection


Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 153, Computer Security
Version of June 2, 2021 at 9:29AM
