Log Analytics System for Monitoring, Response of Threats and Attacks to Assist Management Level Take Decision

Oktadika, Ardian and Lim, Charles and Silaen, Kalpin Erlanggaa (2021) Log Analytics System for Monitoring, Response of Threats and Attacks to Assist Management Level Take Decision. Masters thesis, Swiss German University.

Files:
Ardian Oktadika 21951029 TOC.pdf (1MB, preview available)
Ardian Oktadika 21951029 1.pdf (865kB, restricted to registered users only)
Ardian Oktadika 21951029 2.pdf (2MB, restricted to registered users only)
Ardian Oktadika 21951029 3.pdf (542kB, restricted to registered users only)
Ardian Oktadika 21951029 4.pdf (5MB, restricted to registered users only)
Ardian Oktadika 21951029 5.pdf (258kB, restricted to registered users only)
Ardian Oktadika 21951029 Ref.pdf (797kB, preview available)

Abstract

Technological developments are followed by increasingly sophisticated threats, which in turn raise the capabilities of cyber attackers. Network security devices such as firewalls, Intrusion Detection Systems (IDS) and Web Application Firewalls (WAF) help counter these threats, but many of them rely on signature-based methods that only detect what is already known. A threat unknown to the device can therefore bypass it, and the malicious activity goes undetected. In this research we address this gap through threat hunting: we analysed the event logs of security devices, performed network forensics, and used memory forensics for evaluation and validation. Threats that the devices had not detected were validated in this way, and new rules were created to properly block them in future incoming traffic.
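The hunting step described in the abstract, as an added example that is not the thesis's own code: a small Python pass over constructed security-device event lines. The key=value export format, the sample hosts (RFC 5737 documentation addresses) and the iptables-style rule syntax are all assumptions of this example. Events that a signature already handled are set aside; among the remaining allowed flows the pass looks for the regular call-back timing typical of command-and-control traffic, one kind of unknown threat a signature device would let through, and renders a block rule for a finding once the analyst has confirmed it. The network and memory forensic validation the abstract describes is left to the analyst.

```python
"""Threat-hunting pass over security-device event logs (added example).

Added illustration, not the thesis's own code. It assumes a simple
key=value export format and iptables-style syntax for the blocking rule.
"""
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample events (not real traffic). Hosts use RFC 5737
# documentation ranges. sig=- means no signature matched the flow.
SAMPLE_LOG = """\
ts=2021-03-01T10:00:00 src=10.0.0.5 dst=203.0.113.9 dport=443 action=allow sig=-
ts=2021-03-01T10:00:05 src=10.0.0.6 dst=198.51.100.20 dport=443 action=allow sig=-
ts=2021-03-01T10:00:07 src=10.0.0.6 dst=198.51.100.20 dport=443 action=allow sig=-
ts=2021-03-01T10:00:10 src=10.0.0.7 dst=198.51.100.3 dport=80 action=deny sig=ET-MALWARE-1234
ts=2021-03-01T10:01:00 src=10.0.0.5 dst=203.0.113.9 dport=443 action=allow sig=-
ts=2021-03-01T10:02:00 src=10.0.0.5 dst=203.0.113.9 dport=443 action=allow sig=-
ts=2021-03-01T10:03:00 src=10.0.0.5 dst=203.0.113.9 dport=443 action=allow sig=-
ts=2021-03-01T10:03:40 src=10.0.0.6 dst=198.51.100.20 dport=443 action=allow sig=-
ts=2021-03-01T10:04:00 src=10.0.0.5 dst=203.0.113.9 dport=443 action=allow sig=-
ts=2021-03-01T10:05:00 src=10.0.0.8 dst=203.0.113.9 dport=443 action=allow sig=-
ts=2021-03-01T10:06:00 src=10.0.0.8 dst=203.0.113.9 dport=443 action=allow sig=-
ts=2021-03-01T10:15:02 src=10.0.0.6 dst=198.51.100.20 dport=443 action=allow sig=-
ts=2021-03-01T10:15:03 src=10.0.0.6 dst=198.51.100.20 dport=443 action=allow sig=-
"""


def parse_events(text):
    """Turn key=value lines into dicts; timestamps become datetime objects."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = dict(tok.split("=", 1) for tok in line.split())
        fields["ts"] = datetime.fromisoformat(fields["ts"])
        events.append(fields)
    return events


def hunt_beacons(events, min_events=4, max_cv=0.2):
    """Flag allowed, signature-less flows whose timing is suspiciously regular.

    Signature devices only catch what they already know (sig != '-'); the
    hunt looks at the rest for periodic call-backs (beaconing), a common
    trait of command-and-control traffic. Regularity is measured as the
    coefficient of variation (stddev / mean) of the inter-arrival times.
    """
    flows = defaultdict(list)
    for ev in events:
        if ev["action"] != "allow" or ev["sig"] != "-":
            continue  # blocked, or already handled by a signature
        flows[(ev["src"], ev["dst"], ev["dport"])].append(ev["ts"])

    findings = []
    for (src, dst, dport), stamps in flows.items():
        if len(stamps) < min_events:
            continue  # too few samples to call it a pattern
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue  # a burst at one instant, not periodic traffic
        cv = pstdev(gaps) / avg
        if cv <= max_cv:
            findings.append({"src": src, "dst": dst, "dport": dport,
                             "count": len(stamps), "interval_s": avg, "cv": cv})
    return findings


def make_block_rule(finding):
    """Render a blocking rule for a confirmed finding (iptables syntax assumed)."""
    return ("iptables -I FORWARD -s {src} -d {dst} -p tcp --dport {dport} -j DROP"
            .format(**finding))


if __name__ == "__main__":
    for f in hunt_beacons(parse_events(SAMPLE_LOG)):
        print(f"beacon candidate: {f['src']} -> {f['dst']}:{f['dport']} "
              f"every ~{f['interval_s']:.0f}s ({f['count']} hits)")
        print("  proposed rule:", make_block_rule(f))
```

On the constructed sample only the 10.0.0.5 flow is flagged: the signature hit from 10.0.0.7 is skipped because the device already handled it, the 10.0.0.6 browsing is irregular, and the 10.0.0.8 flow has too few events to judge. The thresholds (`min_events`, `max_cv`) are the knobs a hunter tunes against the false-positive rate of a real environment; the rule is only worth pushing to the device after the forensic validation step.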

Item Type: Thesis (Masters)
Uncontrolled Keywords: Log Collection, Intrusion Detection, Log Analysis, Threat Hunting, Malicious Detection
Subjects: Q Science > QA Mathematics > QA76 Computer software > QA76.93 Computer networks--Security measures
T Technology > T Technology (General) > T58.5 Information technology
Depositing User: Faisal Ifzaldi
Date Deposited: 06 Jan 2022 04:16
Last Modified: 06 Jan 2022 04:16
URI: http://repository.sgu.ac.id/id/eprint/2288
