dc.contributor.author | Seneger, Kristoffer T. | |
dc.date.accessioned | 2015-09-11T08:06:31Z | |
dc.date.available | 2015-09-11T08:06:31Z | |
dc.date.issued | 2015 | |
dc.identifier.uri | http://hdl.handle.net/11250/299478 | |
dc.description | Master's thesis in information and communication technology - Universitetet i Agder, 2015 | nb_NO |
dc.description.abstract | With network traffic proliferating over the last couple of decades, there is an increasing
need to monitor security information in order to prevent and resolve network
security threats. A Security Information and Event Management (SIEM)
solution collects all the alerts that the various Intrusion Detection and Prevention
Systems (IDS/IDP or IDPS) generate, as well as security logs from various
other systems, into one database so that the security analyst (SA) can more easily
get an overview of the threat activity. A privacy enhanced anonymization and
deanonymization protocol (Anonymiser/Reversible Anonymiser) has been used
to prevent a first-line security analyst, without proper clearance, getting access
to personally identifiable information (PII) and/or other types of confidential information
that are not allowed to leave the network perimeter. Some examples may
be PII sampled in IP packets, critical address information and network architecture.
This thesis proposes an architectural design for a new SIEM solution which
utilises a reversible anonymizer (RA) for enabling privacy-enhanced data collection
and on-demand deanonymization of anonymized alarms. | nb_NO |
dc.language.iso | eng | nb_NO |
dc.publisher | Universitetet i Agder ; University of Agder | nb_NO |
dc.subject.classification | IKT 590 | |
dc.title | Searchable Privacy-Enabled Information and Event Management Solution. | nb_NO |
dc.type | Master thesis | nb_NO |
dc.subject.nsi | VDP::Technology: 500::Information and communication technology: 550 | nb_NO |
dc.source.pagenumber | 71 p. | nb_NO |