DEFENSE committee: Sávio Levy Rocha

A MASTER'S DEFENSE committee was registered by the program.
STUDENT : Sávio Levy Rocha
DATE: 15/12/2022
TIME: 10:30
LOCATION: https://teams.microsoft.com/l/meetup-join/19%3a0a9998084fcc459f92b72fb6608767f7%40thread.tacv2/16703
TITLE:

Not provided.


KEY WORDS:

Not provided.


PAGES: 114
BIG AREA: Engenharias
AREA: Engenharia Elétrica
SUMMARY:

Cloud computing has introduced new technologies that have enabled a more agile continuous integration and continuous delivery (CI/CD) model to be built into the application development pipeline. One such technology is the use of containers in place of traditional virtual machines. Alongside the benefits brought by the use of containers, the threats and risks of attacks aimed at these environments have grown in equal proportion to their adoption. Intrusion Detection Systems (IDS) have been employed to secure cloud environments; however, the inherent characteristics of these environments have presented new challenges to achieving good intrusion detection results. Regarding intrusion detection in container environments specifically, few studies have been conducted so far with the aim of improving it. In this work, a framework comprising a five-layer architecture and its tools is proposed to implement a Host-based IDS (HIDS) aimed at container orchestration platforms through the identification of anomalies in system calls. The framework, implemented in a functional corporate network topology emulated in the GNS3 software, was tested with a public dataset of system calls, demonstrating the viability of its operation. Through the experiment, it was possible to validate the integration between the layers of the framework, and the detection results obtained using an unsupervised machine learning model surpassed those of the work that originated the public dataset used. The datasets are loaded, transformed and extracted from a free and open platform with a front-end for visualization of anomaly detection alerts, which can be analyzed by the SOC team in a dashboard created for IDS monitoring and decision-making support.


COMMITTEE MEMBERS:
Internal - 1311780 - FABIO LUCIO LOPES DE MENDONCA
Chair - 2556078 - GEORGES DANIEL AMVAME NZE
External to the Institution - Luiz Fernando Sirotheau Serique Junior
Internal - 2363646 - RAFAEL RABELO NUNES
Notice registered on: 14/12/2022 14:58