Chiara De Novellis
Analysis of application layer attacks on honeypot logs.
Rel. Marco Mellia. Politecnico di Torino, Corso di laurea magistrale in Communications And Computer Networks Engineering (Ingegneria Telematica E Delle Comunicazioni), 2022
|
PDF (Tesi_di_laurea)
- Tesi
Licenza: Creative Commons Attribution Non-commercial No Derivatives. Download (2MB) | Preview |
Abstract: |
Nowadays, the urge for an insight in suspicious traffic traveling on the networks is becoming a main issue in the cyber security field. Taking advantage of a monitoring infrastructure already installed comprising passive and active sensors, such as Darknets and honeypots, we focus on a specific one, the Heralding honeypot. Honeypots are becoming a classical tool in cyber security policies since they can be useful to monitor and identify new attacks. More specifically, they are placed in the internet and build ad-hoc to be attacked, usually miming the behavior of unsafe system and so interacting with the incoming traffic. A comprehensive analysis of this collected data by honeypot, gives the possibility to observe closer new arising bot nets or DDoS attacks. The aim of this work is to provide an insight of the information collected by the Heralding, such as who attacks, with which frequency and so on. So after provisioning if there are enough collected information to distinguish whether or not the traffic is malicious, we investigate if there are some clear attacking patterns by means also of some unsupervised Machine Learning techniques. |
---|---|
Relatori: | Marco Mellia |
Anno accademico: | 2021/22 |
Tipo di pubblicazione: | Elettronica |
Numero di pagine: | 63 |
Soggetti: | |
Corso di laurea: | Corso di laurea magistrale in Communications And Computer Networks Engineering (Ingegneria Telematica E Delle Comunicazioni) |
Classe di laurea: | Nuovo ordinamento > Laurea magistrale > LM-27 - INGEGNERIA DELLE TELECOMUNICAZIONI |
Aziende collaboratrici: | NON SPECIFICATO |
URI: | http://webthesis.biblio.polito.it/id/eprint/23596 |
Modifica (riservato agli operatori) |