Thesis etd-04212015-145831
Thesis type
Master's thesis
Author
MACRI, ANTONIO
URN
etd-04212015-145831
Title
Design, development and integration of a cyber security module for supervision systems
Department
INGEGNERIA DELL'INFORMAZIONE
Degree programme
INGEGNERIA INFORMATICA
Supervisors
supervisor Dini, Gianluca
Keywords
- cyber security
- integration
- intrusion detection
- network security
Graduation session start date
08/05/2015
Availability
Full
Abstract
The goal of this thesis is the architectural design, implementation, configuration and integration of a cyber-security module for a supervision system.
A rather standard solution has been followed for the intrusion-detection architecture, comprising a Network-based IDS and a Host-based IDS. While the choice of the HIDS has been straightforward, the selection of the NIDS required a more in-depth analysis of current technology solutions, and has been one of the main objectives of this work.
The selection of the NIDS has been accomplished by first identifying a few candidate open-source tools using qualitative criteria. Then, quantitative benchmarking has been performed in two rounds of tests, the first with a test set already used in previous, older works, and the second with more specific attacks. This allowed a sound choice of the NIDS.
It has then been demonstrated how the chosen tools can be integrated by normalizing their outputs to a standard format and performing correlation to obtain a more comprehensive view of the network.
Finally, the cyber-security software module that integrates the IDS architecture with the supervision system has been developed. This module processes the security alerts coming from the intrusion-detection architecture and sends them to the supervision system for display on a central monitoring console.
File
File name | Size |
---|---|
Thesis_2..._05_3.pdf | 1.64 Mb |