CENG SP-FORM1
ÇANKAYA UNIVERSITY
Computer Engineering Department
CENG 407–408 Senior Project (Innovative System Design and
Development) Proposal Form
This form should be used for all CENG 407 – 408 Senior Project Proposals. A topic can be jointly proposed by
faculty, company and/or student, signed by at least one of the partners.
Part I. Project Proposer
Names (supervisor, company, student) and organizations: Alptugay DEĞİRMENCİOĞLU, LABRIS NETWORKS
Mobile: 5074973233
E-Mail: [email protected]
Signature:
Part II. Project Information, to be completed by the proposer (Faculty, Student and/or Company)
Starting Term: 2015 / 2016 ▢ Fall ▢ Spring
Title: Security Log Visualization software
Description (extra sheets can be added)
Security appliances such as firewalls produce large volumes of network access logs, often millions of
lines long. It is very hard to inspect these logs and recognize the black sheep (the attacker) in them. Big data and
security intelligence are two very important topics in security. This vast amount of data is increasingly
hard to understand. Terms like MapReduce, Hadoop, Spark, Elasticsearch, data science, etc. are part of many
discussions. Data visualization is the only approach that scales to the ever changing threat landscape and
infrastructure configurations.
Using big data visualization techniques, you uncover hidden patterns of data, identify emerging
vulnerabilities and attacks, and respond decisively with countermeasures that are far more likely to succeed
than conventional methods.
On the other hand, visualization techniques are widely used in areas such as marketing and presentations. For
example, giving a graph instead of a table is becoming more important for getting the attention of the user or
customer. To be visualized, the data must pass through certain stages. Users may want to
keep their transactions in the Internet environment simple, visual and under control with this application.
The main objective is to enable immediate intervention or to report at regular intervals. Also,
security visualization is on the rise and opens a broad horizon for security researchers, product developers and
customers.
This project is more detailed. It is used to record operating system security audit log
activity. The Local Security Authority Subsystem Service writes events to the log. The Security Log is one of the
primary tools used by administrators to detect and investigate attempted and successful unauthorized
activity and to troubleshoot problems. To detect and prevent rogue systems and unauthorized
transactions, application control policy, applications running on the system and user activities are recorded and
shown on the log map. The interface is designed to show threats and cyber-attacks against the user
so that a record is kept at regular time intervals.
Version: July 2015
All these are provided by the operating system as a firewall application. In computing, a firewall is a
network security system that monitors and controls the incoming and outgoing network traffic based on
predetermined security rules. A firewall typically establishes a barrier between a trusted, secure internal
network and another outside network, such as the Internet, that is assumed to not be secure or trusted.
Firewalls are often categorized as either network firewalls or host-based firewalls. Network firewalls are a
software appliance running on general purpose hardware or hardware-based firewall computer appliances
that filter traffic between two or more networks. Host-based firewalls provide a layer of software on one
host that controls network traffic in and out of that single machine. Routers that pass data between networks
contain firewall components and can often perform basic routing functions as well. Firewall appliances may
also offer other functionality to the internal network they protect, such as acting as a DHCP or VPN server
for that network. As the network environment is used effectively in operation.
In conclusion, this project aims to develop security visualization software that processes single or
multiple firewall logs, analyzes the logs, extracts valuable information and creates meaningful visualizations on
geo maps and in other forms in a web GUI.
Similar Products/Projects:
Secviz applications: http://map.ipviking.com/ , http://www.digitalattackmap.com
Dataviz samples: http://selection.datavisualization.ch/, http://www.secviz.org
Justification
Novelty
The current applications are for multi-to-multi visibility of networks, that is, traffic
coming from multiple sources destined to multiple destinations. This project aims to
develop and release software for a single enterprise, providing visualization of traffic
coming from multiple sources into a single destination. This visualization should include
correlated security information, not just packet and byte counters. For example, it should:
1- give a differentiated view of allowed and denied traffic
2- give former connections with remote peers
3- give an aggregated view of denied connections
The software should accept pluggable log types. For example, it will be able to load a
new plugin that includes a new log type definition and log security metadata, and produce
visualized reports.
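A sketch of the pluggable log types and the three views listed above, added here as an example and not part of the proposal or of any Labris product. The two log formats (`kv`, `csv`), every function name and the sample lines are constructed for illustration; the destination is omitted from the events because all traffic is assumed to target the single enterprise.

```python
import csv, io
from collections import Counter, defaultdict

PARSERS = {}  # log type name -> parser; a new plugin registers itself here

def log_type(name):
    def register(fn):
        PARSERS[name] = fn
        return fn
    return register

@log_type("kv")  # constructed key=value format
def parse_kv(line):
    f = dict(p.split("=", 1) for p in line.split() if "=" in p)
    return {"ts": int(f["ts"]), "src": f["src"], "dport": int(f["dport"]),
            "allowed": f["action"].upper() == "ALLOW"}

@log_type("csv")  # constructed CSV format: ts,src,dport,verdict
def parse_csv(line):
    ts, src, dport, verdict = next(csv.reader(io.StringIO(line)))
    return {"ts": int(ts), "src": src, "dport": int(dport),
            "allowed": verdict.strip().lower() == "accept"}

def load(sources):
    events, bad = [], 0  # malformed lines are counted, not fatal
    for kind, lines in sources:
        for line in lines:
            try:
                events.append(PARSERS[kind](line))
            except (KeyError, ValueError, StopIteration):
                bad += 1
    return sorted(events, key=lambda e: e["ts"]), bad

def views(events):
    split = defaultdict(Counter)  # 1: allowed vs denied per remote peer
    history = {}                  # 2: first/last time each peer was seen
    denied = Counter()            # 3: denied connections by (peer, port)
    for e in events:
        split[e["src"]]["allowed" if e["allowed"] else "denied"] += 1
        history[e["src"]] = (history.get(e["src"], (e["ts"],))[0], e["ts"])
        if not e["allowed"]:
            denied[(e["src"], e["dport"])] += 1
    return split, history, denied

SAMPLE = [  # constructed log lines; addresses are documentation ranges
    ("kv", ["ts=100 src=203.0.113.7 dport=22 action=DENY",
            "ts=130 src=203.0.113.7 dport=22 action=DENY",
            "ts=140 src=198.51.100.4 dport=443 action=ALLOW", "garbage line"]),
    ("csv", ["150,203.0.113.7,443,accept", "160,198.51.100.4,23,drop"]),
]
```

Calling `views(load(SAMPLE)[0])` returns the three tables a web GUI would chart; the count of rejected lines from `load` is worth surfacing too, since silently dropped log lines hide traffic from the analyst.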
Complexity
When you open a port through the firewall so that a specific program can send or
receive information from your computer, it is like punching a hole in the firewall. Each
time a port is opened or a program is allowed to communicate through the firewall,
computer security is reduced. The more allowed programs or open ports there are, the more
opportunities hackers or malicious software have to spread a worm, access your files or use
your computer to spread malicious software to others. If you open a port, it remains
open until it is deactivated, whether or not a program is using it. Without
regular data flow and reporting, it will be difficult to keep the situation under control and
the system may be exposed to attacks by malicious software.
Constraints (economics, sustainability, environment, ethics, security, health, social and political issues):
PostgreSQL will be used as the data source. Python, JavaScript or other languages will be used
for development. As the web development framework, Flask or any other framework of the
team's choice might be used.
Risks involved
In the data flow, big data can lead to network congestion while trying to reach the
desired. Malware can benefit from congestion on the network and then attempts to
unauthorized. If security solutions do not report properly and do not provide tracks that are
easy to follow (IP information, location etc.), the system will be exposed to cyber-attacks and
will not be able to intervene. Another risk is the establishment of a fake IP connection. The
system is required to catch vulnerabilities. Otherwise, it would be unilateral and data flow
unauthorized.