Provenance-based intrusion detection
Complex heterogeneous dynamic networks, such as knowledge graphs, are important constructions for simulating the records of data modification, access and usage in computer systems. In this project we investigated the analysis of these graphs and the tracing of their pattern to uncover cyber security...
Main Author: | Ng, Joel Soon En |
---|---|
Other Authors: | Ke Yiping, Kelly |
Format: | Final Year Project |
Language: | English |
Published: | Nanyang Technological University, 2022 |
Subjects: | Engineering::Computer science and engineering |
Online Access: | https://hdl.handle.net/10356/162948 |
Institution: | Nanyang Technological University |
id |
sg-ntu-dr.10356-162948 |
---|---|
record_format |
dspace |
spelling |
sg-ntu-dr.10356-1629482022-11-14T07:21:20Z Provenance-based intrusion detection Ng, Joel Soon En Ke Yiping, Kelly School of Computer Science and Engineering ypke@ntu.edu.sg Engineering::Computer science and engineering Complex heterogeneous dynamic networks, such as knowledge graphs, are important constructions for simulating the records of data modification, access and usage in computer systems. In this project we investigated the analysis of these graphs and the tracing of their pattern to uncover cyber security related threats using the visual assistance of graphs to illustrate how people interact with data. The application of a provenance detection system might strengthen our future cybersecurity defenses. Camflow, a whole system provenance capturing Linux Security module, has shown great results for capturing information in W3C/JSON format and is also capable of displaying the provenance graph recorded of how the user interacts with the system through the use of MQTT. However, Camflow cannot give data in a user-readable manner on its own, hence the intention is to employ Flurry, a tool that can handle information gathered by Camflow. Flurry is an application that facilitates webserver setup. Camflow records/captures user benign or malicious behavior on the website. Flurry will filter this data using W3C filters and analyze them before displaying them in user-friendly graphics. Bachelor of Engineering (Computer Engineering) 2022-11-14T07:21:19Z 2022-11-14T07:21:19Z 2022 Final Year Project (FYP) Ng, J. S. E. (2022). Provenance-based intrusion detection. Final Year Project (FYP), Nanyang Technological University, Singapore. https://hdl.handle.net/10356/162948 https://hdl.handle.net/10356/162948 en SCSE21-0802 application/pdf Nanyang Technological University |
institution |
Nanyang Technological University |
building |
NTU Library |
continent |
Asia |
country |
Singapore Singapore |
content_provider |
NTU Library |
collection |
DR-NTU |
language |
English |
topic |
Engineering::Computer science and engineering |
spellingShingle |
Engineering::Computer science and engineering Ng, Joel Soon En Provenance-based intrusion detection |
description |
Complex heterogeneous dynamic networks, such as knowledge graphs, are important constructs for simulating the records of data modification, access and usage in computer systems. In this project we investigated the analysis of these graphs and the tracing of their patterns to uncover cyber-security-related threats, using the visual assistance of graphs to illustrate how people interact with data. The application of a provenance detection system might strengthen our future cybersecurity defenses. CamFlow, a whole-system provenance capture Linux Security Module, has shown great results for capturing information in W3C/JSON format and is also capable of displaying the recorded provenance graph of how the user interacts with the system through the use of MQTT.
However, CamFlow cannot present data in a user-readable manner on its own, so the intention is to employ Flurry, a tool that can handle the information gathered by CamFlow. Flurry is an application that facilitates webserver setup. CamFlow records the user's benign or malicious behavior on the website. Flurry will filter this data using W3C filters and analyze it before displaying it as user-friendly graphics. |
author2 |
Ke Yiping, Kelly |
author_facet |
Ke Yiping, Kelly Ng, Joel Soon En |
format |
Final Year Project |
author |
Ng, Joel Soon En |
author_sort |
Ng, Joel Soon En |
title |
Provenance-based intrusion detection |
title_short |
Provenance-based intrusion detection |
title_full |
Provenance-based intrusion detection |
title_fullStr |
Provenance-based intrusion detection |
title_full_unstemmed |
Provenance-based intrusion detection |
title_sort |
provenance-based intrusion detection |
publisher |
Nanyang Technological University |
publishDate |
2022 |
url |
https://hdl.handle.net/10356/162948 |
_version_ |
1751548526680080384 |