Developing a methodology for determining the effectiveness of security monitoring tools within a network

Armin Rahimi

Back

Developing a methodology for determining the effectiveness of security monitoring tools within a network

Thesis

Open access

Developing a methodology for determining the effectiveness of security monitoring tools within a network

Armin Rahimi

Washington State University

Master of Science (MS), Washington State University

2018

Handle:

https://hdl.handle.net/2376/100811

Files and links (1)

pdf

A_Rahimi_0420182.36 MBDownload View

Open Access

Abstract

Electric power distribution--Security measures.;Electric power failures--Prevention.

In 2015 a cyber attack targeted the Ukraine power grid causing a large scale power outage and exposing the possibility of similar events occurring around the world. This event demonstrated the long held concerns about such threats and the need for improved technologies to detect future malicious attacks. This thesis proposes a continuous network monitoring platform to enable the detection of sophisticated attacks within power system networks and a methodology to quantify the completeness of various monitoring technologies. Security of a network is determined based on certain simulated attack scenarios and the visibility that the monitoring technologies offer on each node in the network. The monitoring platform was developed using existing open-source technologies and validated with the Smart City Testbed at Washington State University. The platform gathers various security data (e.g., netflows, event logs, intrusion reports) from multiple sources inside the network such as the workstations, digital protection relays, and networks switches. The collected data is analyzed against a network models of the systems and quantitative scores are generated for each node based on how effective they are at monitoring for certain attacks. The resulting approach is validated against various simulated attacks within the testbed.

Metrics

11 File views/ downloads

20 Record Views

Details

Title: Developing a methodology for determining the effectiveness of security monitoring tools within a network
Creators: Armin Rahimi
Contributors: Adam Hahn (Degree Supervisor)
Awarding Institution: Washington State University
Academic Unit: Electrical Engineering and Computer Science, School of
Theses and Dissertations: Master of Science (MS), Washington State University
Publisher: Washington State University; [Pullman, Washington] :
Identifiers: 99900525006201842
Language: English
Resource Type: Thesis