Provenance graph generation for intrusion detection
An Intrusion Detection System (IDS) is a monitoring system that passively listens to a network, detecting and generating alerts for suspicious activities. However, detection of such activities has become increasingly challenging due to sophisticated evasion techniques deployed by present-day malware...
Main Author: | Chong, Wai Mun |
---|---|
Other Authors: | Ke Yiping, Kelly |
Format: | Final Year Project |
Language: | English |
Published: | Nanyang Technological University 2023 |
Subjects: | Engineering::Computer science and engineering |
Online Access: | https://hdl.handle.net/10356/171978 |
Institution: | Nanyang Technological University |
id |
sg-ntu-dr.10356-171978 |
---|---|
record_format |
dspace |
spelling |
sg-ntu-dr.10356-171978 2023-11-24T15:37:13Z Provenance graph generation for intrusion detection Chong, Wai Mun Ke Yiping, Kelly School of Computer Science and Engineering ypke@ntu.edu.sg Engineering::Computer science and engineering An Intrusion Detection System (IDS) is a monitoring system that passively listens to a network, detecting and generating alerts for suspicious activities. However, detection of such activities has become increasingly challenging due to sophisticated evasion techniques deployed by present-day malware and Advanced Persistent Threats (APTs). Consequently, commercial IDSs may fail to detect intrusions for extended periods, leading to substantial financial losses and data breaches for organizations. Provenance graphs are directed graphs that document the lineage and history of data, and their associated activities. In a host system, a provenance graph delivers a forensic aspect to intrusion detection, capturing the descendants and activities from a single malicious entity. By capturing intricate data flows and system objects, provenance graphs have the potential to better protect systems from emerging cyber threats. This project embarks on the exploration of provenance graphs to enhance intrusion detection capabilities. It will also generate provenance datasets from benign and malicious activities, and propose graph analysis algorithms for intrusion detection. Bachelor of Engineering (Computer Science) 2023-11-20T02:46:42Z 2023-11-20T02:46:42Z 2023 Final Year Project (FYP) Chong, W. M. (2023). Provenance graph generation for intrusion detection. Final Year Project (FYP), Nanyang Technological University, Singapore. https://hdl.handle.net/10356/171978 https://hdl.handle.net/10356/171978 en SCSE22-0931 application/pdf Nanyang Technological University |
institution |
Nanyang Technological University |
building |
NTU Library |
continent |
Asia |
country |
Singapore |
content_provider |
NTU Library |
collection |
DR-NTU |
language |
English |
topic |
Engineering::Computer science and engineering |
spellingShingle |
Engineering::Computer science and engineering Chong, Wai Mun Provenance graph generation for intrusion detection |
description |
An Intrusion Detection System (IDS) is a monitoring system that passively listens to a
network, detecting and generating alerts for suspicious activities. However, detection
of such activities has become increasingly challenging due to sophisticated evasion
techniques deployed by present-day malware and Advanced Persistent Threats
(APTs). Consequently, commercial IDSs may fail to detect intrusions for extended
periods, leading to substantial financial losses and data breaches for organizations.
Provenance graphs are directed graphs that document the lineage and history of
data, and their associated activities. In a host system, a provenance graph delivers a
forensic aspect to intrusion detection, capturing the descendants and activities from a
single malicious entity. By capturing intricate data flows and system objects,
provenance graphs have the potential to better protect systems from emerging cyber
threats.
This project embarks on the exploration of provenance graphs to enhance intrusion
detection capabilities. It will also generate provenance datasets from benign and
malicious activities, and propose graph analysis algorithms for intrusion detection. |
author2 |
Ke Yiping, Kelly |
author_facet |
Ke Yiping, Kelly Chong, Wai Mun |
format |
Final Year Project |
author |
Chong, Wai Mun |
author_sort |
Chong, Wai Mun |
title |
Provenance graph generation for intrusion detection |
publisher |
Nanyang Technological University |
publishDate |
2023 |
url |
https://hdl.handle.net/10356/171978 |
_version_ |
1783955543603281920 |