In this thesis, I present analysis of security incident reports in IDEA format from Mentat and their aggregation and correlation methods design and implementation. In data analysis, I show huge security reports diversity. Next, I show design of simple framework and system of templates. This framework and system of templates simplify aggregation and correlation methods design and implementation. Finally, I evaluate designed methods using Mentat database dumps. The results showed that designed methods can reduce the number of security reports up to 90% without loss of any significant information.
| Identifer | oai:union.ndltd.org:nusl.cz/oai:invenio.nusl.cz:255432 |
| Date | January 2016 |
| Creators | Kapičák, Daniel |
| Contributors | Kováčik, Michal, Bartoš, Václav |
| Publisher | Vysoké učení technické v Brně. Fakulta informačních technologií |
| Source Sets | Czech ETDs |
| Language | Czech |
| Detected Language | English |
| Type | info:eu-repo/semantics/masterThesis |
| Rights | info:eu-repo/semantics/restrictedAccess |
Page generated in 0.0012 seconds