Back close

Detection and Prevention of Advanced Persistent Threat (APT) Activitiesin Heterogeneous Networks using SIEM and Deep Learning

Start Date: Sunday, Apr 01,2018

School: School of Engineering

Project Incharge:Dr. T. Senthil Kumar
Funded by:IBM Shared University Research
Detection and Prevention of Advanced Persistent Threat (APT) Activitiesin Heterogeneous Networks using SIEM and Deep Learning

The organization consists of different networks at various geographical locations. For such vast networks a simple honeypot is not enough to decoy attackers. Hence, a collection of various honeypots installed at various geographically separated locations inside the organization is necessary for luring attackers. Such a conglomeration of honeypots – Honeynet – is the key in collection of attacker data and traffic destined at the organization. Heterogeneous data from Network devices, Systems, Firewalls, NIDS, UTMs, etc., are collected at a centralized location using Cloud basedSplunk Security Information and Event Management (SIEM) for further processing. Extracting useful information from a plethora of heterogeneous data is a difficult task. SIEM is supported with a Correlation Engine for processing such heterogeneous data. The Correlation Engine is capable of deploying Complex Event Analysis techniques, Data Mining techniques, Deep Learning algorithms, Log Analysis techniques, etc., for searching the presence of attack vectors (or anomalous behaviour). The output of the Correlation Engine can be categorised to rank the output network behaviour in terms of the severity of the data/traffic by using a metric such as Vulnerability Score. The dashboard of the SIEM machine is capable of displaying the near real time processing of the various network and host events, network traffic flow statistics, system behaviour, and other properties of the network.

Team Members:

  • Dr.Gireesh Kumar T-Associate Professor( CSE)
  • Dr. Senthil Kumar T –Associate Professor(CSE)
  • Dr.Harish Ram D.S-Assistant Professor(ECE)
  • Dr. Binoy B Nair -Assistant Professor(ECE)

Related Projects

Security Event Processing Acceleration using GPGPU
Security Event Processing Acceleration using GPGPU
Intelligent, Animal Attack Prevention System for Crop Protection
Intelligent, Animal Attack Prevention System for Crop Protection
Fabrication of Silica Etch Mask using EBL and F Chemistry Dry Etching
Fabrication of Silica Etch Mask using EBL and F Chemistry Dry Etching
Around View System
Around View System
New and Efficient Photosensitizers for Nanocrystalline TiO2 Based Dye Sensitized Solar Cells
New and Efficient Photosensitizers for Nanocrystalline TiO2 Based Dye Sensitized Solar Cells
Admissions Apply Now