GR Semicolon EN

Show simple item record

dc.contributor.author
Koritsas, Ilias
en
dc.date.accessioned
2022-11-10T08:01:31Z
dc.date.available
2022-11-10T08:01:31Z
dc.date.issued
2022-11-10
dc.identifier.uri
https://repository.ihu.edu.gr//xmlui/handle/11544/30121
dc.rights
Default License
dc.subject
Secure Application
en
dc.subject
Amazon Web Services
en
dc.subject
Traffic Mirroring
en
dc.subject
Suricata Intrusion Detection System
en
dc.title
Creating Secure Application in Amazon Web Services with Traffic Mirroring and Suricata Intrusion Detection System
en
heal.type
masterThesis
en_US
heal.creatorID.email
ilkoritsas@gmail.com
heal.dateAvailable
2022-11-01
heal.language
en
en_US
heal.access
free
en_US
heal.license
http://creativecommons.org/licenses/by-nc/4.0
en_US
heal.recordProvider
School of Science and Technology, MSc in Cybersecurity
en_US
heal.publicationDate
2022-02
heal.abstract
This dissertation was written as a part of the Msc in Cybersecurity at the International Hellenic Uni- versity. During recent years, more and more organizations migrate their data and services to the cloud environment. For this reason, cloud resources and infrastructure have become target for many malicious actors. In this dissertation we will examine how Amazon Web Services features like Traf- fic Mirroring, VPC, Load Balancing and Auto-scaling can be utilized, along with the Suricata Intru- sion Detection Software, to create efficient and scalable monitoring solutions, in terms of security and resource utilization. The implemented architecture and scaling policies will be tested by creat- ing synthetic network traffic to simulate an attack. The current landscape of the cloud environment and the the cloud deployment models are briefly discussed, as well as some security challenges that this environment faces. In the first chapter, the general cloud landscaped and the challenges it faces are discussed. There is a brief mention of the types of cloud that exists and the key security concepts of the cloud environ- ment are analyzed. Finally, it includes an overview of Intrusion Detection Systems (IDS) types. In the second chapter, the services of Amazon Cloud that are used to create the secure and robust application architecture are analyzed. Next, in the third chapter, we describe in detail all the compo- nents and concepts of the created application. It contains the overview of the network architecture setup, all the utilized software, as well as their detailed configuration. All the different stacks that compose the application, the sub-networking and the network flows are explained. The next chapter describes in detail the exact setup and methods that were used to test the imple- mented application, the network packet crafting procedure, the scaling policies and the results of these tests, and the related figures. Finally, the last chapter, includes the conclusions drawn, concerning the security and scalability of the implemented application, and also the drawbacks and challenges of this an approach and enu- merates the pros and cons of utilizing Traffic Mirroring and Auto-scaling to create an efficient mon- itoring solution for cloud resources. Special thanks to Prof. Dimitrios Baltatzis for his guidance and advice as a supervisor in this disser- tation.
en
heal.advisorName
Baltatzis, Dimitrios
el
heal.committeeMemberName
Serketzis, Nikolaos
en
heal.academicPublisher
School of Science and Technology, Master of Science (MSc) in Cybersecurity
en
heal.academicPublisherID
ihu
en_US
heal.numberOfPages
65
en_US
heal.license.source-code
http://www.gnu.org/licenses/gpl-3.0.html
en_US


This item appears in the following Collection(s)

Show simple item record

Related Items