Institutional-Repository, University of Moratuwa.  

A Self organized threat intelligence architecture for intrusion detection systems

dc.contributor.advisor Gamage CD
dc.contributor.author Piyasena DGCP
dc.date.accessioned 2020
dc.date.available 2020
dc.date.issued 2020
dc.identifier.uri http://dl.lib.uom.lk/handle/123/16786
dc.description.abstract An Intrusion Detection System (IDS) is a software application that monitors a corporate network or a computer system and flags activities which it construes to be malicious operations. The rapid and expansive growth of the Internet has heightened concerns on how to protect both stored and transmitted digital information in an effective manner. The reactive IDS will primarily detect intrusions and send out alerts. Defending the system is a secondary task, and its success depends on how early detection can occur when an intrusion is ongoing so that warnings can be sent in time. IPS, which is mainly proactive, will primarily detect vulnerabilities and take preventive measures in addition to providing the second stage functionality for an IDS but with limited knowledge and countermeasure capabilities. As a solution to this problem, research has been conducted on an area called Automated Defense. The design of Automated Defense systems needs to be radically different from the IDS/IPS schemes as properties such as online real-time availability of all participants, use of threat intelligence schemes, availability of high computation power, etc. have to be considered. Taking into consideration the context in which Threat Intelligence Architecture operates, where transaction value is very low, IDS/IPS systems need to be designed with a careful trade-off between reliability and cost of implementation. The research presented in this thesis aims to develop a solution to the problem of providing the functionality of an IDS with an IPS capability that is highly responsive, adaptive and able to leverage the most up-to-date knowledge on dealing with threats. The main objective of the research is to combine an IDS with Threat Intelligence in a manner that can detect file creations and copying anomalies and provide the mechanisms to alert and initiate actions to take defensive measures to decrease the potential for damage from attackers.
The main objective of the research is to combine an IDS with Threat Intelligence to provide a mechanism to alert and initiate actions to take defensive measures to decrease the potential for damage. en_US
dc.language.iso en en_US
dc.subject COMPUTER SCIENCE AND ENGINEERING-Dissertations en_US
dc.subject COMPUTER SCIENCE-Dissertations en_US
dc.subject INTRUSION DETECTION SYSTEMS en_US
dc.subject AUTOMATED DEFENSE SYSTEMS en_US
dc.subject CYBER THREAT INTELLIGENCE en_US
dc.subject COMPUTER SECURITY en_US
dc.title A Self organized threat intelligence architecture for intrusion detection systems en_US
dc.type Thesis-Full-text en_US
dc.identifier.faculty Engineering en_US
dc.identifier.degree MSc in Computer Science en_US
dc.identifier.department Department of Computer Science & Engineering en_US
dc.date.accept 2020
dc.identifier.accno TH4261 en_US

