Show simple item record

dc.contributor.advisor: Copeland, John A.
dc.contributor.author: Brzeczko, Albert Walter
dc.date.accessioned: 2014-05-22T15:27:56Z
dc.date.available: 2014-05-22T15:27:56Z
dc.date.created: 2014-05
dc.date.issued: 2014-04-07
dc.date.submitted: May 2014
dc.identifier.uri: http://hdl.handle.net/1853/51842
dc.description.abstract: Enterprise networks present very high value targets in the eyes of malicious actors who seek to exfiltrate sensitive proprietary data, disrupt the operations of a particular organization, or leverage considerable computational and network resources to further their own illicit goals. For this reason, enterprise networks typically attract the most determined of attackers. These attackers are prone to using the most novel and difficult-to-detect approaches so that they may have a high probability of success and continue operating undetected. Many existing network security approaches that fall under the category of intrusion detection systems (IDS) and intrusion prevention systems (IPS) are able to detect classes of attacks that are well-known. While these approaches are effective for filtering out routine attacks in automated fashion, they are ill-suited for detecting the types of novel tactics and zero-day exploits that are increasingly used against the enterprise. In this thesis, a solution is presented that augments existing security measures to provide enhanced coverage of novel attacks in conjunction with what is already provided by traditional IDS and IPS. The approach enables honeypots, a class of technique that observes novel attacks by luring an attacker to perform malicious activity on a system having no production value, to be deployed in a turn-key fashion and at large scale on enterprise networks. In spite of the honeypot’s efficacy against targeted attacks, organizations can seldom afford to devote capital and IT manpower to integrating them into their security posture. Furthermore, misconfigured honeypots can actually weaken an organization’s security posture by giving the attacker a staging ground on which to perform further attacks. A turn-key approach is needed for organizations to use honeypots to trap, observe, and mitigate novel targeted attacks.
dc.format.mimetype: application/pdf
dc.language.iso: en_US
dc.publisher: Georgia Institute of Technology
dc.subject: Honeynet
dc.subject: Cloud computing
dc.subject: Information security
dc.subject.lcsh: Intrusion detection systems (Computer security)
dc.subject.lcsh: Computer networks Security measures
dc.title: Scalable framework for turn-key honeynet deployment
dc.type: Dissertation
dc.description.degree: Ph.D.
dc.contributor.department: Electrical and Computer Engineering
thesis.degree.level: Doctoral
dc.contributor.committeeMember: Owen, Henry
dc.contributor.committeeMember: Beyah, Raheem
dc.contributor.committeeMember: Riley, George
dc.contributor.committeeMember: Chau, Duen Horng (Polo)
dc.date.updated: 2014-05-22T15:27:56Z

