Agentless endpoint security monitoring framework

dc.contributor.author: Ghaleb, Asem
dc.contributor.supervisor: Traore, Issa
dc.date.accessioned: 2019-05-28T19:31:14Z
dc.date.available: 2019-05-28T19:31:14Z
dc.date.copyright: 2019 [en_US]
dc.date.issued: 2019-05-28
dc.degree.department: Department of Electrical and Computer Engineering [en_US]
dc.degree.level: Master of Applied Science M.A.Sc. [en_US]
dc.description.abstract: Existing endpoint security monitors use agents that must be installed on every computing host or endpoint. However, as the number of monitored hosts increases, agent installation, configuration and maintenance become arduous and require more effort. Moreover, installed agents can increase the security threat footprint, and several companies impose restrictions on using agents on every computing system. This work provides a generic agentless endpoint framework for security monitoring of computing systems. The computing hosts are accessed by the monitoring framework running on a central server. Since the monitoring framework is separate from the computing hosts for which the monitoring is being performed, the various security models of the framework can perform data retrieval and analysis without utilizing agents executing within the computing hosts. The monitoring framework transparently retrieves raw data from the monitored computing hosts, which are then fed to the security modules integrated with the framework. These modules analyze the received data to perform security monitoring of the target computing hosts. As a use case, a real-time intrusion detection model has been implemented to detect abnormal behaviors on computing hosts based on the data collected using the introduced framework. [en_US]
dc.description.scholarlevel: Graduate [en_US]
dc.identifier.uri: http://hdl.handle.net/1828/10904
dc.language: English [eng]
dc.language.iso: en [en_US]
dc.rights: Available to the World Wide Web [en_US]
dc.subject: Agentless [en_US]
dc.subject: Agentless monitoring [en_US]
dc.subject: Agentless security monitoring [en_US]
dc.subject: security framework [en_US]
dc.subject: security monitoring framework [en_US]
dc.subject: endpoint security monitoring [en_US]
dc.subject: security monitoring [en_US]
dc.title: Agentless endpoint security monitoring framework [en_US]
dc.type: Thesis [en_US]

Files

Original bundle
Name: Ghaleb_Asem_MASc_2019.pdf
Size: 706.63 KB
Format: Adobe Portable Document Format

License bundle
Name: license.txt
Size: 1.71 KB
Format: Item-specific license agreed upon to submission