A carregar...
Publicação
Investigação e desenvolvimento de um sistema automático de detecção, monitorização e análise da propagação de worms em redes empresariais
| Nome: | Descrição: | Tamanho: | Formato: | |
|---|---|---|---|---|
| 2.87 MB | Adobe PDF |
Autores
Orientador(es)
Resumo(s)
This project is an attempt to correct a potentially dangerous security gap in
large enterprise networks, in this context a solution is presented, the WMS, which
allows automatic capture of alleged malicious traffic that originates on the corporate network, including mechanisms of back-end, as the mwmonitor prototype,
which automatically handles the important task of identifying and dynamic analyzing
of internally malware spread like worms and bots that may be involved in
captured traffic by the strategically distributed probes on the corporate network.
In a business environment are required to have non-intrusive solutions, as well as lightweight solutions, efficient, easy integration and above all productive,
and there was particular concern in the design and construction a decentralized
architecture for the WMS well as the choice of constituent technologies.
As a result, after the creation of security metrics, the system also allows the
monitoring (WMSi) protection status of a large corporate network with regard to
the occurrence of internal propagation of malware.
To validate the implemented solution as well as other applications of the solution
was performed in a final phase, an experimental evaluation in which they
extract some interesting statistical results and information about attack trends.
Descrição
Palavras-chave
Security Worm/Bot Monitoring Honeypot/Honeynet