Zur Kurzanzeige

dc.rights.licenseAll rights reserveden_US
dc.contributor.advisorDuffany, Jeffrey
dc.contributor.authorMotta López, Henry
dc.date.accessioned2022-03-29T18:50:45Z
dc.date.available2022-03-29T18:50:45Z
dc.date.issued2021
dc.identifier.citationMotta López, H. (2021). Detection of WannaCry using Splunk and Sysmon [Unpublished manuscript]. Graduate School, Polytechnic University of Puerto Rico.en_US
dc.identifier.urihttp://hdl.handle.net/20.500.12475/1419
dc.descriptionDesign Project Article for the Graduate Programs at Polytechnic University of Puerto Ricoen_US
dc.description.abstractLately, ransomware keeps being an important topic of conversation around the information security communities, as well as politics and economics. It has caused major damage in all these sectors and researchers must keep evolving as ransomware doe finding new ways to detect and remove the threat. Ransomware’s sophisticated encryption and propagation schemes limit the security team’s chances of recovering data to almost zero. The researcher investigated the use of Splunk Enterprise combined with Sysmon to detect and explore a specific ransomware threat. For proof of concept, the researcher used a WannaCry sample to detect the first time it was executed. This way, an investigation can be done, and alerts can be configured to better aid the incident response team. This solution detects ransomware file creation through the Splunk search query using Sysmon event codes. Key Words – Detection, Ransomware, Splunk, Sysmon.en_US
dc.language.isoenen_US
dc.publisherPolytechnic University of Puerto Ricoen_US
dc.relation.ispartofComputer Science Program;
dc.relation.ispartofseriesWinter-2021;
dc.relation.haspartSan Juanen_US
dc.subject.lcshPolytechnic University of Puerto Rico--Graduate students--Researchen_US
dc.subject.lcshPolytechnic University of Puerto Rico--Graduate students--Postersen_US
dc.subject.lcshComputer security
dc.subject.lcshComputer crimes--Prevention
dc.subject.lcshHacking--Prevention
dc.subject.lcshAutomatic data collection systems
dc.titleDetection of WannaCry using Splunk and Sysmonen_US
dc.typeArticleen_US
dc.rights.holderPolytechnic University of Puerto Rico, Graduate Schoolen_US


Dateien zu dieser Ressource

Thumbnail
Thumbnail

Das Dokument erscheint in:

Zur Kurzanzeige