Please use this address to cite this document: https://di.univ-blida.dz/jspui/handle/123456789/26029
Full record
| Dublin Core element | Value | Language |
|---|---|---|
| dc.contributor.author | Abdelhadi, Ilyes | - |
| dc.contributor.author | Elaichi, Hamza | - |
| dc.contributor.author | Douga, Yacine (Supervisor) | - |
| dc.contributor.author | Elbaouni, Nassim (Supervisor) | - |
| dc.date.accessioned | 2023-10-29T13:57:30Z | - |
| dc.date.available | 2023-10-29T13:57:30Z | - |
| dc.date.issued | 2023 | - |
| dc.identifier.uri | https://di.univ-blida.dz/jspui/handle/123456789/26029 | - |
| dc.description | ill., Bibliogr. Shelf mark: ma-004-972 | fr_FR |
| dc.description.abstract | The escalating sophistication and ubiquity of command and control (C2) attacks present formidable challenges to organisations in terms of their ability to detect and respond to these threats effectively. Security operations centres (SOCs) grapple with resource limitations, skills shortages, and the need for seamless coordination among disparate systems. In this context, the emergence of security orchestration, automation, and response (SOAR) offers a promising solution. By automating mundane tasks, leveraging advanced intelligence and reporting capabilities, and streamlining workflows through playbooks, SOAR empowers cybersecurity professionals to leverage their expertise in more strategic and impactful ways. In this work, a comprehensive solution is proposed to address the challenges posed by command and control attacks. Harnessing the capabilities of SOAR technologies, the solution strives to boost threat identification and enhance incident response proficiency. By integrating the capabilities of Shuffle with Wazuh, the solution offers an integrated and intelligent approach to detect and mitigate command and control attacks effectively. Through the orchestration of security tools, automation of repetitive tasks, and streamlined response workflows, the solution empowers security teams to combat sophisticated attacks with speed and efficiency. The effectiveness of the solution will be evaluated through rigorous testing and analysis, demonstrating its ability to provide advanced protection against command and control threats while optimising operational efficiency in SOCs. As a result of the experimental study conducted on the detection capabilities of Wazuh and the response automation provided by Shuffle, it was observed that the integration of these two technologies yielded positive outcomes. Wazuh demonstrated its effectiveness in detecting command and control C2 attacks, while Shuffle showcased its ability to automate incident response actions. Keywords: SOAR, SOC, automation, workflows. | fr_FR |
| dc.language.iso | en | fr_FR |
| dc.publisher | Université Blida 1 | fr_FR |
| dc.subject | SOAR | fr_FR |
| dc.subject | SOC | fr_FR |
| dc.subject | automation | fr_FR |
| dc.subject | workflows | fr_FR |
| dc.title | Command and control (C2) attack mitigation using SOAR | fr_FR |
| dc.type | Thesis | fr_FR |
Collection(s): Master's theses

File(s) in this document:

| File | Description | Size | Format |
|---|---|---|---|
| Abdelhadi Ilyes et Elaichi Hamza.pdf | | 2.55 MB | Adobe PDF |


All documents in DSpace are protected by copyright, with all rights reserved.