Project Mapyen

Title: Project Mapyen: A network analysis tool to identify anomalous host behaviours

Author: Mairet, Valentine (TU Delft Electrical Engineering, Mathematics and Computer Science)

Contributor: Verwer, Sicco (mentor); van Deursen, Arie (graduation committee); Finavaro Aniche, Maurício (graduation committee)

Degree granting institution: Delft University of Technology

Date: 2018-02-14

Abstract: The evolution of the cyber threat landscape drives companies towards state-of-the-art security monitoring techniques. Adyen, a payment service provider company, has both legal and moral obligations to perform security monitoring within the company to remain an ethical and sustainable business. The challenge is to uncover a well-founded solution to detect real-time incidents using lightweight network traffic metadata. This research identifies an optimal clustering solution to perform anomaly detection on the logged network metadata and enhances the analysis using individual probability-based network profiles for each host. The proof of concept implemented for this research is called Mapyen, and it is validated against three different attack scenarios, namely port scans, malware infection simulations, and data exfiltration scenarios. Despite the low precision and recall scores of the initial Mapyen system, it shows great potential for future security research and development.

Subject: anomaly detection; network analysis; security monitoring; monitoring ethics; clustering; network profiling

To reference this document use: http://resolver.tudelft.nl/uuid:60d6e300-41c5-4b5b-a3b9-3fccb5afce77

Part of collection: Student theses

Document type: master thesis

Rights: © 2018 Valentine Mairet

Files: VM_thesis_publishable.pdf (PDF, 6.18 MB)