Detalhes bibliográficos
| Ano de defesa: |
2012 |
| Autor(a) principal: |
Martins, Daniel Mourão |
| Orientador(a): |
Não Informado pela instituição |
| Banca de defesa: |
Não Informado pela instituição |
| Tipo de documento: |
Dissertação
|
| Tipo de acesso: |
Acesso aberto |
| Idioma: |
por |
| Instituição de defesa: |
Não Informado pela instituição
|
| Programa de Pós-Graduação: |
Não Informado pela instituição
|
| Departamento: |
Não Informado pela instituição
|
| País: |
Não Informado pela instituição
|
| Palavras-chave em Português: |
|
| Link de acesso: |
http://www.repositorio.ufc.br/handle/riufc/17717
|
Resumo: |
Due to the constant increase of the use of information systems and the potential impact that these intrusions can cause in all spheres of society a Intrusion Detection and Prevention System (IDPS) has become a necessity for network ans services security from various world organizations. These systems usually depends of prior knowledge of the patterns of attacks in order to detect them. This work presents an strategy to scenarios with computational and financial resources limited, using only opensource software for intrusion detection. This proposal is the creation of one flexible and scalable IDPS, with software integration, implementation of alerts correlation rules and a signatures generator module for Snort, that can increase its efficiency enabling it to produce knowledge for preventing the recurrence of some intrusion attacks not constant in original database, thus minimizing the detection problem for these attacks. To validate this proposal, a testing scenario was implemented with three server machines, one with the solution manager module and one with Snort. The results confirmed that this strategy meets the proposed requisites in a satisfactorily way being an important contribution to researchs about the theme. |
