Please use this identifier to cite or link to this item: https://rda.sliit.lk/handle/123456789/2938
Full metadata record
DC Field | Value | Language
dc.contributor.author | Weeraman, P.W.R.S. | -
dc.date.accessioned | 2022-08-24T09:03:45Z | -
dc.date.available | 2022-08-24T09:03:45Z | -
dc.date.issued | 2021 | -
dc.identifier.uri | http://rda.sliit.lk/handle/123456789/2938 | -
dc.description.abstract | Digital transformation is the standard business strategy approach in most organizations. Every person is looking for digital solutions to aid their routine work. Every organization is looking at the possibility of moving from the physical office concept to the virtual office concept. Even homemakers and bargain hunters expect to move to online shopping with doorstep delivery solutions during the COVID-19 pandemic. Every business needs to adopt IT functions into its business processes to ensure business stability or increase revenue. Most large-scale enterprises have a dedicated IT strategy that aligns with their business strategy. They follow best IT security practices such as SIEM, security operation centres (SOC), annual IT compliance review, IT audit and the best security devices on the market. However, most businesses adopt IT systems without a preplanned process. They do not follow any best practices in terms of IT security. Further, they do not have a proper IT strategy that aligns with business objectives. Most small and medium-scale businesses operate with minimal IT infrastructure and IT operations. The absence of a proper IT security approach in the business may introduce new IT risks to their information and business. This research takes an experimental approach to adopting cyber threat intelligence into a SIEM detection base using adversary tactics, techniques and procedures (TTP) and machine learning (ML) instead of signature-based detection methods. Changing a TTP is relatively more challenging than changing an IP address or a file hash. This research concerns a TTP-based security information and event management (SIEM) solution using open-source software and the MITRE ATT&CK community framework. Further, this research aims to reduce operating expenses and capital expenses by using a community-based framework and open-source software. | en_US
dc.language.iso | en | en_US
dc.subject | COVID-19 | en_US
dc.subject | MITRE ATT&CK | en_US
dc.subject | Framework | en_US
dc.subject | open-source | en_US
dc.subject | cybersecurity | en_US
dc.subject | network security | en_US
dc.subject | security | en_US
dc.subject | management | en_US
dc.subject | computer security | en_US
dc.subject | SIEM | en_US
dc.subject | Log analysis | en_US
dc.subject | SOC | en_US
dc.subject | incident management | en_US
dc.subject | cyber forensics | en_US
dc.subject | Machine Learning | en_US
dc.subject | Big data | en_US
dc.subject | SMB | en_US
dc.subject | SONAR | en_US
dc.subject | SNORT | en_US
dc.subject | Threat intelligent | en_US
dc.subject | CTI | en_US
dc.subject | ML | en_US
dc.subject | SOC | en_US
dc.title | MITRE ATTACK FRAMEWORK ADOPTION AS A SIEM RULE BASE USING MACHINE LEARNING APPROACH | en_US
dc.type | Thesis | en_US
Appears in Collections:MSc 2021

Files in This Item:
File | Description | Size | Format
MS19801582_CS_IT6010.pdf (restricted until 2050-12-31) | | 1.83 MB | Adobe PDF
MS19801582_CS_IT6010_Abs.pdf | | 296.74 kB | Adobe PDF