SIEM Cyber Range: Security Information and Event Management(SIEM) Range based on Cyber Kill Chain


Bibliographic Details
Main Authors: Chih-Hsiang Lu, 呂智翔
Other Authors: 許振銘
Format: Others
Language: zh-TW
Published: 2018
Online Access: http://ndltd.ncl.edu.tw/handle/8uhfrv
id ndltd-TW-106CYU05394001
record_format oai_dc
spelling ndltd-TW-106CYU05394001 2019-10-03T03:40:49Z http://ndltd.ncl.edu.tw/handle/8uhfrv SIEM Cyber Range: Security Information and Event Management(SIEM) Range based on Cyber Kill Chain 網路攻擊鏈安全性資訊與事件管理數位靶場 Chih-Hsiang Lu 呂智翔 Master's, Chien Hsin University of Science and Technology, Department of Computer Science and Information Engineering, Master's Program, 106 許振銘 2018 Degree thesis ; thesis 61 zh-TW
collection NDLTD
language zh-TW
format Others
sources NDLTD
description Master's === Chien Hsin University of Science and Technology === Department of Computer Science and Information Engineering, Master's Program === 106 === As time goes by, the Internet has become infrastructure that everyone can easily access. Along with that convenience, the Internet also gives opportunities to people who try to do evil. Cyber-attacks have been on the rise in recent years, and many security-related devices have been built to help people defend against them. However, hackers never stop looking for vulnerabilities in those IT devices. The cyber kill chain is a description that illustrates each step of an attack and shows how it works across the whole attack process. A cyber security Capture The Flag (CTF) competition is an interesting way to attract people's attention. Through a series of knowledge and skill tests, it makes people realize the importance of information security. It is used as a learning tool by everyone who is interested in cyber security. However, it also makes people focus only on individual parts of an attack. Consequently, it is difficult to learn the whole picture of the entire incident during the competition. Advanced Persistent Threats (APT) have attracted a lot of attention in recent years. Previous research has confirmed that it takes hundreds of days for people to realize that an IT environment has been compromised by an APT. Cyber Kill Chain Range (kRange) is a platform that demonstrates intrusion steps like those launched by an APT. In order to avoid misuse of kRange, the thesis uses it as a foundation and develops a platform that collects all the data from front-end security devices and then demonstrates the intrusion steps automatically. The proposed platform is able to help people at the beginning stage learn the concept of each intrusion step from an IR (Incident Response) point of view. With properly designed hints during the competition, the proposed platform is able to bring the idea of information security to each participant.
author2 許振銘
author_facet 許振銘
Chih-Hsiang Lu
呂智翔
author Chih-Hsiang Lu
呂智翔
title SIEM Cyber Range: Security Information and Event Management(SIEM) Range based on Cyber Kill Chain
publishDate 2018
url http://ndltd.ncl.edu.tw/handle/8uhfrv