Deployment of Next Generation Intrusion Detection Systems against Internal Threats in a Medium-sized Enterprise

dc.contributor.author: Piconese, Filippo
dc.contributor.department: fi=Tulevaisuuden teknologioiden laitos|en=Department of Future Technologies|
dc.contributor.faculty: fi=Luonnontieteiden ja tekniikan tiedekunta|en=Faculty of Science and Engineering|
dc.contributor.studysubject: fi=Tietotekniikka|en=Information and Communication Technology|
dc.date.accessioned: 2020-11-13T22:02:35Z
dc.date.available: 2020-11-13T22:02:35Z
dc.date.issued: 2020-10-29
dc.description.abstract: In this increasingly digital age, companies struggle to understand the origin of cyberattacks. Malicious actions can come from both the outside and the inside of the business, so it is necessary to adopt tools that can reduce cyber risks by identifying the anomalies when the first symptoms appear. This thesis deals with the topic of internal attacks and explains how to use innovative Intrusion Detection Systems to protect the IT infrastructure of Medium-sized Enterprises. These types of technologies try to solve issues like poor visibility of network traffic, long response times to security breaches, and the use of inefficient access control mechanisms. In this research, multiple types of internal threats, the different categories of Intrusion Detection Systems and an in-depth analysis of the state-of-the-art IDSs developed during the last few years have been detailed. After that, there will be a brief explanation of the effectiveness of IDSs in both testing and production environments. All the reported phases took place within a company network, starting from the positioning of the IDS, moving on to its configuration and ending with the production environment. There is an analysis of the company expectations, together with an explanation of the different IDSs' characteristics. This research shows data about potential attacks, mitigated and resolved threats, as well as network changes made thanks to the information gathered while using a cutting-edge IDS. Moreover, the characteristics that a medium-sized company must have in order to be adequately protected by a new generation IDS have been generalized. In the same way, the functionalities that an IDS must possess in order to achieve the set objectives were reported. IDSs are incredibly adaptable to different environments, such as companies of different sectors and sizes, and can be tuned to achieve better results.
At the end of this document are reported the potential future developments that should be addressed to improve IDS technologies further.
dc.format.extent: 80
dc.identifier.olddbid: 167607
dc.identifier.oldhandle: 10024/150736
dc.identifier.uri: https://www.utupub.fi/handle/11111/12831
dc.identifier.urn: URN:NBN:fi-fe2020111390313
dc.language.iso: eng
dc.rights: fi=Julkaisu on tekijänoikeussäännösten alainen. Teosta voi lukea ja tulostaa henkilökohtaista käyttöä varten. Käyttö kaupallisiin tarkoituksiin on kielletty.|en=This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.|
dc.rights.accessrights: avoin
dc.source.identifier: https://www.utupub.fi/handle/10024/150736
dc.subject: Cyber Security, Network Security, Intrusion Detection System, Intrusion Prevention System, Network Traffic Analysis, User and Entity Behaviour Analytics, Machine Learning, Artificial Intelligence, Internal Threats
dc.title: Deployment of Next Generation Intrusion Detection Systems against Internal Threats in a Medium-sized Enterprise
dc.type.ontasot: fi=Diplomityö|en=Master's thesis|

Files

Name: Piconese_Filippo_Thesis.pdf
Size: 4.82 MB
Format: Adobe Portable Document Format