Building threat profiles based on model asset inventorying and automated penetration testing
(Greek title) Designing attack profiles based on asset modelling and automated network penetration testing

Master's Thesis
Author
Lazaridis, Christos
Λαζαρίδης, Χρήστος
Date
2023-11
Keywords
Range development ; Asset inventorying ; Log analysis ; CPE extraction ; SIEM technologies ; Firewall ; Active Directory
Abstract
Technology is expanding rapidly, with modern systems constantly adding IT, OT, IoT,
edge, and other components to meet market demands. This growth enables new
functionality and convenience but also poses significant cybersecurity challenges.
Protecting both known and unknown assets from a growing number of threats is now a top
priority for organizations worldwide.
This thesis proposes a comprehensive approach to these cybersecurity issues that
builds on established techniques and technologies. It focuses first on building cyber
ranges and on inventorying the assets of Windows and Linux hosts, recording each
asset as a Common Platform Enumeration (CPE) version 2.3 name, the identifier format
that vulnerability databases use to describe affected platforms. This inventory is the
foundation of the threat-profiling approach introduced here.
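The inventory step above ends with each asset expressed as a CPE 2.3 name. The following Python is an added example, not code from the thesis, showing the part that is easy to get wrong in practice: binding raw inventory fields (vendor, product, version as read from the Windows registry or a Linux package manager) to the CPE 2.3 formatted-string syntax defined in NISTIR 7695, with the escaping rules applied, and parsing such strings back while respecting escaped separators. The inventory records and the vendor alias table are constructed for the example; real inventories need an alias table maintained against the NVD CPE dictionary.

```python
"""
Added example (not code from the thesis): turn host inventory records
from Windows and Linux machines into CPE 2.3 formatted strings and parse
them back.  Binding rules follow NISTIR 7695 section 6.2: logical ANY is
"*", NA is "-", the characters '.', '-' and '_' pass through unescaped,
every other non-alphanumeric character is backslash-escaped, and the
eleven attributes after "cpe:2.3" are separated by ':'.
"""
import re
from dataclasses import dataclass

CPE_ATTRS = ("part", "vendor", "product", "version", "update", "edition",
             "language", "sw_edition", "target_sw", "target_hw", "other")

# Illustrative alias table (assumption, not from the thesis): raw vendor
# strings seen in an inventory rarely match the vendor token that the NVD
# CPE dictionary uses, so a mapping step is needed before matching.
VENDOR_ALIASES = {
    "microsoft_corporation": "microsoft",
    "the_openssl_project": "openssl",
}


@dataclass
class InventoryItem:
    part: str               # "a" application, "o" operating system, "h" hardware
    vendor: str
    product: str
    version: str = ""
    update: str = ""        # e.g. distro package revision or service pack


def normalize(raw):
    """Lower-case and join whitespace runs with '_', as CPE names do."""
    return re.sub(r"\s+", "_", raw.strip().lower())


def bind_value(value):
    """Escape one literal attribute value for the formatted-string binding."""
    if value == "":
        return "*"                                  # logical value ANY
    out = []
    for ch in value:
        if (ch.isascii() and ch.isalnum()) or ch in "._-":
            out.append(ch)                          # passes through unescaped
        else:
            out.append("\\" + ch)                   # incl. literal '*', '?', ':'
    return "".join(out)


def to_cpe23(item):
    """Bind an inventory record to a CPE 2.3 formatted string."""
    if item.part not in ("a", "o", "h"):
        raise ValueError(f"invalid CPE part {item.part!r}")
    vendor = normalize(item.vendor)
    values = {
        "part": item.part,
        "vendor": VENDOR_ALIASES.get(vendor, vendor),
        "product": normalize(item.product),
        "version": normalize(item.version),
        "update": normalize(item.update),
    }
    # Attributes the inventory cannot observe stay ANY ("*").
    return "cpe:2.3:" + ":".join(bind_value(values.get(a, "")) for a in CPE_ATTRS)


def split_unescaped(s, sep=":"):
    """Split on separators that are not preceded by an escaping backslash."""
    fields, cur, i = [], [], 0
    while i < len(s):
        ch = s[i]
        if ch == "\\" and i + 1 < len(s):
            cur.extend((ch, s[i + 1]))              # keep escape pair intact
            i += 2
            continue
        if ch == sep:
            fields.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
        i += 1
    fields.append("".join(cur))
    return fields


def parse_cpe23(cpe):
    """Unbind a formatted string to a dict; ANY becomes None, NA stays '-'."""
    fields = split_unescaped(cpe)
    if len(fields) != 13 or fields[0] != "cpe" or fields[1] != "2.3":
        raise ValueError(f"not a CPE 2.3 formatted string: {cpe!r}")
    unbind = lambda tok: None if tok == "*" else re.sub(r"\\(.)", r"\1", tok)
    return {name: unbind(tok) for name, tok in zip(CPE_ATTRS, fields[2:])}


# Constructed sample inventory: what a Windows registry/WMI query and a
# Linux package-manager query might return after light field extraction.
INVENTORY = [
    InventoryItem("o", "Microsoft Corporation", "Windows Server 2019", "10.0.17763"),
    InventoryItem("a", "Microsoft Corporation",
                  "Visual C++ 2015 Redistributable (x64)", "14.0.24215"),
    InventoryItem("a", "OpenSSL", "openssl", "3.0.2", "0ubuntu1.15"),
]


def build_inventory_cpes(items=INVENTORY):
    return [to_cpe23(i) for i in items]


if __name__ == "__main__":
    for cpe in build_inventory_cpes():
        print(cpe, "->", parse_cpe23(cpe)["product"])
```

Run as a script it prints the three bound names and the product recovered from each. Two details matter for later matching: a product such as "Visual C++ 2015 Redistributable (x64)" must come out as `visual_c\+\+_2015_redistributable_\(x64\)` (unescaped `+` or `(` make the name invalid), and a parser that naively splits on `:` breaks on any value containing an escaped colon, which is why `split_unescaped` walks the string and keeps escape pairs together.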
To strengthen the defensive side, we incorporate widely used Security Information
and Event Management (SIEM) solutions, namely Microsoft Sentinel and Wazuh. These
platforms provide the log-based view of the security status of the inventoried assets.
In addition, we use automated penetration testing to validate the identified threats
against those assets, mapping the exercised attack methods to techniques in the MITRE
ATT&CK framework.
The following sections detail this approach: background information, related work,
and a customized method designed for the ever-changing cybersecurity landscape. The
thesis aims to protect modern systems by bridging the gap between known and unknown
assets, creating a solid foundation for the threat profiles that are essential in the
current era of rapid technological growth.