Please use this identifier to cite or link to this item: https://hdl.handle.net/1946/47696
This thesis provides an automated system for the implementation of monitoring infrastructure within a company or research environment. This solution enables the effortless installation of the EFK stack (Elasticsearch, Fluentd, Kibana), and configures honeypot machines.
This research analyzed the cyber threats across geographical locations using the same honeypot hosted in different countries.
In response to these challenges, the thesis proposes a scalable, agent-less infrastructure using Ansible, focusing on the EFK stack for efficient log management and analysis. The research deployed Cowrie sensors in Amsterdam, Bangalore, and San Francisco, each encountering different peculiarities. The findings reveal variations in the nature and severity of attacks across different locations, with no single country emerging as the safest. The analysis of the collected data highlights the attackers' tactics, such as brute-forcing credentials and integrating machines into botnets. The research underscores coordinated attacks that originate from multiple IP addresses and employ various malware strains.
Filename | Size | Access | Description | File type | |
---|---|---|---|---|---|
TearDowntheFirewall.pdf | 2,61 MB | Open | Full text | View/Open |