Detalhes bibliográficos
| Ano de defesa: |
2017 |
| Autor(a) principal: |
Menezes, Pablo Marques |
| Orientador(a): |
Salgueiro, Ricardo José Paiva de Britto |
| Banca de defesa: |
Não Informado pela instituição |
| Tipo de documento: |
Dissertação
|
| Tipo de acesso: |
Acesso aberto |
| Idioma: |
por |
| Instituição de defesa: |
Não Informado pela instituição
|
| Programa de Pós-Graduação: |
Pós-Graduação em Ciência da Computação
|
| Departamento: |
Não Informado pela instituição
|
| País: |
Não Informado pela instituição
|
| Palavras-chave em Português: |
|
| Área do conhecimento CNPq: |
|
| Link de acesso: |
http://ri.ufs.br/jspui/handle/riufs/10778
|
Resumo: |
Data centers have evolved in increasingly complex scenarios, making network management a difficult task for administrators, particularly in the area of information security. The need to make autonomous computing environments evident is due to the complexity and ubiquity of technology in almost every aspect of human life. In addition to bringing business dynamism and new services to users, it also brings risks and complexity in management. In this scenario, several types of research have been carried out in search of methods to make these complex networks self-manageable. Inspired by the concepts of autonomic networks and the human immune system, this work uses dendritic cell algorithm in the MAdPE-K management model and the characteristics of programmability, centralized management, and decentralization of data planes and control of software-defined networks to provide autonomy. Considering that most attacks to a computer network start with the recognition of the assets, in the experiments Port Scan port scanning attacks were used as an anomalous event. This type of attack was used to prove the efficacy of detecting the anomalous process with the approach of the dendritic cells in a host. In the experiments, the whole cycle of the MAdPE-K model was followed and the reaction results were considered satisfactory, with an average time of 1.2 seconds between the detection of the anomalous event and the reaction with the isolation of the origin of the attack. |
