GPRS Mobile Security
Swisscom Mobile operates Network Intrusion Detection Systems in various places. Attack traces are analyzed and evaluated by network teams. This project addresses the quality of the evaluation. Dealing with false positive is a major issue. In order to reduce the work load, it could be interesting to automatically sort the alerts. The sorting should be sized to our environment. For example to, the HP-UX or Microsoft environments. Currently, the amount of alerts that are generated are getting to a point that they could overwhelm the analyst that is monitoring the events. Most of them are not directly related to the environment to be protected. Several solution exists in order to reduce the number of alerts : sorting, prioritizing, correlate with other IDS, correlate with Vulnerability analyzers. In this project the focus will be set on the correlation with Vulnerability Analyzers.
Etudiant: Pierre Duc
Année: 2003
Département: TIC
Filière: Informatique et systèmes de communication (anciennement Télécommunications) avec orientation en Réseaux et Services
Type de formation: Plein temps
Partenaire externe: Swisscom Mobile
Enseignant responsable: Stephan Robert
Téléchargement:
- Télécharger l'affiche