Study of techniques, tools and frameworks for evading EDR systems
Evading Endpoint Detection and Response (EDR): techniques, tools, and frameworks.

Keywords
Endpoint Detection and Response (EDR); Security Information and Event Management (SIEM); Wazuh Dashboard; Wazuh SIEM; EDR evasion techniques; Cybersecurity; Detection limitations; Endpoint Detection and Response (EDR); Security Information and Event Management (SIEM)

Abstract
In today's digital era, cyber threats and data breaches are constantly evolving, making the implementation of advanced security strategies essential for the protection of information systems. This thesis presents a comprehensive study of endpoint security technologies, tools, and frameworks, with particular emphasis on Endpoint Detection and Response (EDR) systems, while also examining their integration with Security Information and Event Management (SIEM) solutions.

The study begins with a theoretical analysis of core protection technologies, focusing on the proactive capabilities of EDR systems that enable continuous monitoring, timely threat detection, and rapid response, using advanced techniques such as machine learning algorithms and behavioral analysis. The research then focuses on the practical application and evaluation of a specific EDR solution, Wazuh, by incorporating rules that enable it to operate as an EDR within a controlled lab environment. Through simulated attacks and testing, the capabilities of Wazuh in detecting and managing cyber threats are assessed, while EDR evasion techniques are also applied to identify and analyze the limitations of such systems. The findings of the study provide an in-depth understanding of the strengths and weaknesses of modern endpoint protection solutions, highlighting the importance of their combined use with SIEM platforms for a more holistic and effective cybersecurity approach. Furthermore, the analysis of evasion techniques underscores the need for continuous improvement and evolution of these systems to counter emerging threats.

In conclusion, this thesis makes a significant contribution to understanding the challenges and requirements of modern


