Handorf, C. Russell.
A quantitative experimental study of the effectiveness of systems to identify network attackers.
Record type: Bibliographic - language material, manuscript : Monograph/item
Title/Author: A quantitative experimental study of the effectiveness of systems to identify network attackers./
Author: Handorf, C. Russell.
Physical description: 1 online resource (102 pages)
Notes: Source: Dissertation Abstracts International, Volume: 78-08(E), Section: B.
Subject: Information technology.
Electronic resource: click for full text (PQDT)
ISBN: 9781369484632
Handorf, C. Russell.
A quantitative experimental study of the effectiveness of systems to identify network attackers.
- 1 online resource (102 pages)
Source: Dissertation Abstracts International, Volume: 78-08(E), Section: B.
Thesis (Ph.D.)--Capella University, 2016.
Includes bibliographical references
This study analyzed the meta-data collected from a honeypot that was run by the Federal Bureau of Investigation for a period of 5 years. This analysis compared the use of existing industry methods and tools, such as Intrusion Detection System alerts, network traffic flow and system log traffic, within the Open Source Security Information Manager (OSSIM) against techniques that were used to prioritize the detailed analysis of the data which would aid in the faster identification of attackers. It was found that adding the results from computing a Hilbert Curve, Popularity Analysis, Cadence Analysis and Modus Operandi Analysis did not introduce significant or detrimental latency for the identification of attacker traffic. Furthermore, when coupled with the traditional tools within OSSIM, the identification of attacker traffic was greatly enhanced. Future research should consider additional statistical models that can be used to guide the strategic use of more intense analysis that is conducted by deep packet inspection software and broader intelligence models from reviewing attacks against multiple organizations. Additionally, other improvements in detection strategies are possible by these mechanisms when being able to review full data collection.
Electronic reproduction. Ann Arbor, Mich. : ProQuest, 2018
Mode of access: World Wide Web
ISBN: 9781369484632
Subjects--Topical Terms: 559429 Information technology.
Index Terms--Genre/Form: 554714 Electronic books.
LDR :02462ntm a2200325K 4500
001 915276
005 20180727125212.5
006 m o u
007 cr mn||||a|a||
008 190606s2016 xx obm 000 0 eng d
020 $a 9781369484632
035 $a (MiAaPQ)AAI10252986
035 $a (MiAaPQ)capella:19182
035 $a AAI10252986
040 $a MiAaPQ $b eng $c MiAaPQ
100 1 $a Handorf, C. Russell. $3 1188585
245 1 2 $a A quantitative experimental study of the effectiveness of systems to identify network attackers.
264 0 $c 2016
300 $a 1 online resource (102 pages)
336 $a text $b txt $2 rdacontent
337 $a computer $b c $2 rdamedia
338 $a online resource $b cr $2 rdacarrier
500 $a Source: Dissertation Abstracts International, Volume: 78-08(E), Section: B.
500 $a Advisers: Richard Livingood; Steven Brown.
502 $a Thesis (Ph.D.)--Capella University, 2016.
504 $a Includes bibliographical references
520 $a This study analyzed the meta-data collected from a honeypot that was run by the Federal Bureau of Investigation for a period of 5 years. This analysis compared the use of existing industry methods and tools, such as Intrusion Detection System alerts, network traffic flow and system log traffic, within the Open Source Security Information Manager (OSSIM) against techniques that were used to prioritize the detailed analysis of the data which would aid in the faster identification of attackers. It was found that adding the results from computing a Hilbert Curve, Popularity Analysis, Cadence Analysis and Modus Operandi Analysis did not introduce significant or detrimental latency for the identification of attacker traffic. Furthermore, when coupled with the traditional tools within OSSIM, the identification of attacker traffic was greatly enhanced. Future research should consider additional statistical models that can be used to guide the strategic use of more intense analysis that is conducted by deep packet inspection software and broader intelligence models from reviewing attacks against multiple organizations. Additionally, other improvements in detection strategies are possible by these mechanisms when being able to review full data collection.
533 $a Electronic reproduction. $b Ann Arbor, Mich. : $c ProQuest, $d 2018
538 $a Mode of access: World Wide Web
650 4 $a Information technology. $3 559429
650 4 $a Computer science. $3 573171
655 7 $a Electronic books. $2 local $3 554714
690 $a 0489
690 $a 0984
710 2 $a ProQuest Information and Learning Co. $3 1178819
710 2 $a Capella University. $b School of Business and Technology. $3 1148483
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=10252986 $z click for full text (PQDT)