Files: 40418.pdf (4.14 MB)
Intrustion Detection in Soho Networks using Elasticsearch SIEM
Author Info
Nwosu, Ikechukwu C
Permalink:
http://rave.ohiolink.edu/etdc/view?acc_num=ucin1627662698171667
Year and Degree
2021, MS, University of Cincinnati, Education, Criminal Justice, and Human Services: Information Technology.
Abstract
The prevalence of cyberattacks on home networks today has sparked great concern among researchers. With the advent of telecommuting and stay-at-home orders, cyber attackers have found network intrusion easier than usual, as SOHO networks are generally incapable of resisting the advanced intrusion techniques developed today. Therefore, there are more sensitive data online today than usual. Firewall configurations, antivirus scans, and secure locks have all been studied and found to be ineffective in combating these advanced techniques. To solve this issue, the researcher examines the design of a more advanced system for detecting and understanding attacks on home networks. The researcher takes an experimental approach to combining the functionalities of Elasticsearch SIEM and Snort IDS to reinforce a secure SOHO network. A virtual simulation of real-life cyber-attack scenarios was carried out. The researcher found that the design was more effective in reporting attacks than most alternatives. The tools allowed the researcher to analyze the detected attacks, visualize them, and correlate them with open-source rules that take further actions against detected intrusions. Although setting up this design requires more than a basic understanding, the researcher believes that its effectiveness may spur further research on how SIEM configuration may be made more accessible and straightforward for SOHO administrators to use.
Committee
M. Murat Ozer, Ph.D. (Committee Chair)
Ryan Moore (Committee Member)
Pages
73 p.
Subject Headings
Information Technology
Keywords
Intrusion Detection; Soho Networks; SIEM; SNORT
Recommended Citations
APA Style (7th edition): Nwosu, I. C. (2021). Intrustion Detection in Soho Networks using Elasticsearch SIEM [Master's thesis, University of Cincinnati]. OhioLINK Electronic Theses and Dissertations Center. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1627662698171667
MLA Style (8th edition): Nwosu, Ikechukwu. Intrustion Detection in Soho Networks using Elasticsearch SIEM. 2021. University of Cincinnati, Master's thesis. OhioLINK Electronic Theses and Dissertations Center, http://rave.ohiolink.edu/etdc/view?acc_num=ucin1627662698171667.
Chicago Manual of Style (17th edition): Nwosu, Ikechukwu. "Intrustion Detection in Soho Networks using Elasticsearch SIEM." Master's thesis, University of Cincinnati, 2021. http://rave.ohiolink.edu/etdc/view?acc_num=ucin1627662698171667
Document number: ucin1627662698171667
Download Count: 428
Copyright Info
© 2021, some rights reserved.
Intrustion Detection in Soho Networks using Elasticsearch SIEM by Ikechukwu C Nwosu is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License. Based on a work at etd.ohiolink.edu.
This open access ETD is published by University of Cincinnati and OhioLINK.