
Detection and Prevention of Advanced Persistent Threat (APT) Activities in Heterogeneous Networks using SIEM and Deep Learning

Start Date: Sunday, Apr 01, 2018

School: School of Engineering

Project In-charge: Dr. T. Senthil Kumar
Funded by: IBM Shared University Research

The organization consists of different networks at various geographical locations. For such vast networks, a single honeypot is not enough to decoy attackers. Hence, a collection of honeypots installed at geographically separated locations inside the organization is necessary for luring attackers. Such a conglomeration of honeypots – a Honeynet – is the key to collecting attacker data and traffic destined for the organization. Heterogeneous data from network devices, systems, firewalls, NIDS, UTMs, etc., are collected at a centralized location using a cloud-based Splunk Security Information and Event Management (SIEM) platform for further processing. Extracting useful information from such a plethora of heterogeneous data is a difficult task, so the SIEM is supported by a Correlation Engine for processing it. The Correlation Engine is capable of deploying Complex Event Analysis techniques, Data Mining techniques, Deep Learning algorithms, Log Analysis techniques, etc., to search for the presence of attack vectors (or anomalous behaviour). The output of the Correlation Engine can be categorised to rank the observed network behaviour by the severity of the data/traffic, using a metric such as a Vulnerability Score. The dashboard of the SIEM machine displays, in near real time, the processing of the various network and host events, network traffic flow statistics, system behaviour, and other properties of the network.

Team Members:

  • Dr. Gireesh Kumar T – Associate Professor (CSE)
  • Dr. Senthil Kumar T – Associate Professor (CSE)
  • Dr. Harish Ram D.S – Assistant Professor (ECE)
  • Dr. Binoy B Nair – Assistant Professor (ECE)

Related Projects

  • Threat Modeling, Trust Modeling, and Development of Secure Platform in Cloud Environments
  • Design and Development of an IoT Based Smart Irrigation and Fertilization System for Chilli Farming
  • AYUSH Unit Converter
  • BODHI: Public Surveillance & Awareness Tele-Operated Robot
  • KaraChara – Hand Orthosis for Rehabilitation of Stroke Patients