Tunkeutumisen laajentamisen havaitseminen koneoppimisella
Tunkeutumisen laajentaminen on kyberhyökkäyksen vaihe, jossa hyökkääjä
laajentaa saamaansa jalansijaansa kohdeympäristössä hankkimalla haltuunsa lisää käyttäjätunnuksia
ja koneita. Tämä tutkielma määrittelee mitä tunkeutumisen laajentaminen on sekä
esittelee koneoppimisen menetelmiä, joilla sitä voidaan havaita. Parhaimmillaan koneoppimisen
luokittelijoilla pystytään tunnistamaan tunkeutumisen laajentaminen lähes aina. Malicious lateral movement is a phase in a cyber attack where the attacker extends
their foothold in the target environment by acquiring additional user credentials and
machines. This thesis defines what malicious lateral movement is and explores methods for
detecting it with machine learning techniques. Classifier models based on machine learning
exhibit the potential to identify lateral movement consistently.
Metadata
Näytä kaikki kuvailutiedotKokoelmat
- Kandidaatintutkielmat [5362]
Lisenssi
Samankaltainen aineisto
Näytetään aineistoja, joilla on samankaltainen nimeke tai asiasanat.
-
Combining conjunctive rule extraction with diffusion maps for network intrusion detection
Juvonen, Antti; Sipola, Tuomo (IEEE, 2013)Network security and intrusion detection are important in the modern world where communication happens via information networks. Traditional signature-based intrusion detection methods cannot find previously unknown ... -
Dimensionality reduction framework for detecting anomalies from network logs
Sipola, Tuomo; Juvonen, Antti; Lehtonen, Joel (CRL Publishing, 2012)Dynamic web services are vulnerable to multitude of intrusions that could be previously unknown. Server logs contain vast amounts of information about network traffic, and finding attacks from these logs improves the ... -
On the (In)Security of 1090ES and UAT978 Mobile Cockpit Information Systems : An Attacker Perspective on the Availability of ADS-B Safety- and Mission-Critical Systems
Khandker, Syed; Turtiainen, Hannu; Costin, Andrei; Hämäläinen, Timo (Institute of Electrical and Electronics Engineers (IEEE), 2022)Automatic dependent surveillance-broadcast (ADS-B) is a key air surveillance technology and a critical component of next-generation air transportation systems. It significantly simplifies aircraft surveillance technology ... -
Smart Terminal System of Systems’ Cyber Threat Impact Evaluation
Simola, Jussi; Pöyhönen, Jouni; Lehto, Martti (Academic Conferences International, 2023)Systems of system-level thinking is required when the purpose is to develop a coherent understanding of the ecosystem where every user and system requirements are divided into specific parts. The smarter project, as a part ... -
Data Mining for the Security of Cyber Physical Systems Using Deep-Learning Methods
Nath, Bhagawan; Hämäläinen, Timo; Ezekiel, Soundararajan (Academic Conferences International Ltd, 2022)Cyber Physical Systems (CPSs) have become widely popular in recent years, and their applicability have been growing exponentially. A CPS is an advanced system that incorporates a computation unit along with a hardware unit, ...
Ellei toisin mainittu, julkisesti saatavilla olevia JYX-metatietoja (poislukien tiivistelmät) saa vapaasti uudelleenkäyttää CC0-lisenssillä.