Tesi etd-09242015-093050 |
Link copiato negli appunti
Tipo di tesi
Tesi di laurea magistrale
Autore
LIPILINI, JACOPO
URN
etd-09242015-093050
Titolo
A Simulation Based SIEM Framework to Attribute and Predict Attacks
Dipartimento
INFORMATICA
Corso di studi
INFORMATICA E NETWORKING
Relatori
relatore Prof. Baiardi, Fabrizio
Parole chiave
- security; intrusion detection; SIEM; correlation;
Data inizio appello
09/10/2015
Consultabilità
Completa
Riassunto
We present a Security Information and Event Management (SIEM) framework to correlate, attribute and predict attacks against an ICT system. The output of the assessment of ICT risk, that exploits multiple simulations of attacks against the system, drives the building of a SIEM database. This database enables the SIEM to correlate sequences of detected attacks, to probabilistically attribute and predict attacks, and to discover 0-day vulnerability. After describing the framework and its prototype implementation, we discuss the experimental results on the main SIEM capabilities.
File
Nome file | Dimensione |
---|---|
master_thesis.pdf | 765.11 Kb |
Contatta l’autore |