investigation brute-force attack using SIEM
Topic: Log mining for security breaches identification.
The growth of unstructured messages generated by computer systems and applications in modern computing environment poses a significant challenge in managing and using the information contained in the messages. Although these data contain a wealth of information that is useful for advanced threat detection, the high volume, variety, and complexity of data make it difficult to analyze them even by well-trained security analysts. While conventional Security Information and Event Management (SIEM) systems provide some capability to collect, correlate, and detect certain events from structured messages, their rule-based correlation and detection algorithms fall short in utilizing the information within the unstructured messages.
The objective of this project is to investigate existing methods for mining unstructured logs to extract and characterize security threats. A PoC would be demonstrating existing methods and techniques available.
Project instructions
1. The research SHOULD include figures of processes, methodologies, and investigation applications. It should be from 3000 to 3500 words maximum. The references should not be less than 9.
2. The research SHOULD be in IEEE formatting with the proper styles.
3. The paper is between 6 pages and 8 pages (single spaced lines, font size <=11).
4. Kindly update us about your progress frequently, this will help us to review the work and see the way forward.
5. The practical part was done ImagingSteps.docx, please ensure that the research is around that. Also, make sure to include screenshots were applicable in the research. Experimental Procedures section in the research will include the practical part ImagingSteps.docxthat. Also, makes sure to include screenshots were applicable in the research. Experimental Procedures section in the research will include the practical part ImagingSteps.docx
Project Sections
Abstract
A brief summary of the detailed research project, please add keywords which are important terms not known to common readers.
Introduction
1. Introduce SIEM solution benefit and importance. Mention also other SIEM solution products in the market eg. ArcSight, QRadar etc
2. Discuss the different feature of the SIEM.
3. The development of SIEM solution in the different generation and how it contributed to enhance and change the security industry.
4. Address the challenges and issue which might arise from using a SIEM.
5. Giving examples of attacks that a SIEM can detect and how to respond, and automation (mention brute-force attack as one type of attack and give several).
Literature Review
1. Describe the most relevant prior work and their key insights.
2. Critically analyzing existing literature in investigation using a SIEM solution.
3. Discuss pros and cons of each methods found.
Experimental procedures 1. Detailed description of what we are trying to accomplish.
2. Explore the different type of alarms and how to prioritize and classify them.
3. Specify tools you will be using in investigating in this case LogRhythm.
4. Explain the proper procedures which are done in investigating successful Brute-force attack alarm.
5. Conclude our finding
Conclusion and Future Work
1. Explain how SIEM can make investigation less tedious and efficient.
2. Summarize the key aspects of the research
3. Imply potential future work
4. Opinion on the research carried out
References
References will be taken based on the found readings. Please provide 9 or more references no less.
Collepals.com Plagiarism Free Papers
Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS
Why Hire Collepals.com writers to do your paper?
Quality- We are experienced and have access to ample research materials.
We write plagiarism Free Content
Confidential- We never share or sell your personal information to third parties.
Support-Chat with us today! We are always waiting to answer all your questions.