%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%
%%% File: utthesis2.doc, version 2.0jab, February 2002
%%%
%%% Based on: utthesis.doc, version 2.0, January 1995
%%% =============================================
%%% Copyright (c) 1995 by Dinesh Das. All rights reserved.
%%% This file is free and can be modified or distributed as long as
%%% you meet the following conditions:
%%%
%%% (1) This copyright notice is kept intact on all modified copies.
%%% (2) If you modify this file, you MUST NOT use the original file name.
%%%
%%% This file contains a template that can be used with the package
%%% utthesis.sty and LaTeX2e to produce a thesis that meets the requirements;
%%% of the Graduate School of The University of Texas at Austin.
%%%
%%% All of the commands defined by utthesis.sty have default values (see
%%% the file utthesis.sty for these values). Thus, theoretically, you
%%% don't need to define values for any of them; you can run this file
%%% through LaTeX2e and produce an acceptable thesis, without any text.
%%% However, you probably want to set at least some of the macros (like
%%% \thesisauthor). In that case, replace "..." with appropriate values,
%%% and uncomment the line (by removing the leading %'s).
%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%% The style file was created for an American university, some information
%%% such as committee members, etc is not needed for TCD dissertations.
\documentclass[a4paper, 12pt, oneside]{report}
\usepackage {tcdthesis}
\usepackage{graphicx,color}
\usepackage{anysize}
\usepackage{amsmath}
%\usepackage{natbib}
\usepackage{caption}
\usepackage{hyperref}
\usepackage{listings}
\usepackage{verbatim}
\usepackage{acronym}
\usepackage{lmodern}
\usepackage{inputenc}
\usepackage[official]{eurosym}
\mastersthesis %% Uncomment one of these; if you don't
%\phdthesis %% use either, the default is \phdthesis.
%\thesisdraft %% Uncomment this if you want a draft
%% version; this will print a timestamp
%% on each page of your thesis.
\leftchapter %% Uncomment one of these if you want
%\centerchapter %% left-justified, centered or
% \rightchapter %% right-justified chapter headings.
%% Chapter headings includes the
%% Contents, Acknowledgments, Lists
%% of Tables and Figures and the Vita.
%% The default is \centerchapter.
% \singlespace %% Uncomment one of these if you want
% \oneandhalfspace %% single-spacing, space-and-a-half
\doublespace %% or double-spacing; the default is
%% \oneandhalfspace, which is the
%% minimum spacing accepted by the
%% Graduate School.
\renewcommand{\thesisauthor}{Amber Higgins} %% Your official name.
\renewcommand{\thesismonth}{May} %% Your month of graduation.
\renewcommand{\thesisyear}{2018} %% Your year of graduation.
%%sw \renewcommand{\thesistitle}{\large{General Title:} \\ \LARGE{Specific Title}}
\renewcommand{\thesistitle}{\LARGE{Adaptive Containerised Honeypots for Cyber-Incident Monitoring}} %% The title of your thesis; use mixed-case.
\renewcommand{\thesisauthorpreviousdegrees}{B.A.I.} %% Your previous degrees, abbreviated; separate multiple degrees by commas.
\renewcommand{\thesissupervisor}{Dr. Stefan Weber} %% Your thesis supervisor; use mixed-case and don't use any titles or degrees.
\renewcommand{\thesisauthoraddress}{Dublin, Ireland}
%\renewcommand{\thesisdedication}{...} %% Your dedication, if you have one; use "\\" for linebreaks.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%%
%%% The following commands are all optional, but useful if your requirements
%%% are different from the default values in utthesis.sty. To use them,
%%% simply uncomment (remove the leading %) the line(s).
% \renewcommand{\thesiscommitteesize}{...}
%% Uncomment this only if your thesis
%% committee does NOT have 5 members
%% for \phdthesis or 2 for \mastersthesis.
%% Replace the "..." with the correct
%% number of members.
\renewcommand{\thesisdegree}{Integrated Masters in Computer Engineering} %% Uncomment this only if your thesis
%% degree is NOT "DOCTOR OF PHILOSOPHY"
%% for \phdthesis or "MASTER OF ARTS"
%% for \mastersthesis. Provide the
%% correct FULL OFFICIAL name of
%% the degree.
\renewcommand{\thesisdegreeabbreviation}{M.A.I.}
%% Use this if you also use the above
%% command; provide the OFFICIAL
%% abbreviation of your thesis degree.
\renewcommand{\thesistype}{Dissertation} %% Use this ONLY if your thesis type
%% is NOT "Dissertation" for \phdthesis
%% or "Thesis" for \mastersthesis.
%% Provide the OFFICIAL type of the
%% thesis; use mixed-case.
% \renewcommand{\thesistypist}{...} %% Use this to specify the name of
%% the thesis typist if it is anything
%% other than "the author".
%%%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%sw \includecode{short caption}{long caption}{filename}
\newcommand{\includecode}[3]{\lstinputlisting[caption={[#1]#2}, captionpos=b, frame=single]{#3}}
%%sw \includewidefigure{label}{short caption}{long caption}{filename}
\newcommand{\includewidefigure}[4]{
\begin{figure}[htb]
\centering
\includegraphics[width=\linewidth]{#4}
\captionsetup{width=.8\linewidth}
\caption[#2]{#3}
\label{fig:#1}
\end{figure}
}
%%sw \includefigure{label}{short caption}{long caption}{filename}
\newcommand{\includefigure}[4]{
\begin{figure}[htb]
\centering
\includegraphics{#4}
\captionsetup{width=.8\linewidth}
\caption[#2]{#3}
\label{fig:#1}
\end{figure}
}
\begin{document} %% BEGIN THE DOCUMENT
\thesistitlepage %% Generate the title page.
\thesisdeclarationpage %% Generate the declaration page.
%\thesispermissionpage %% Generate the copyright permission page
\thesissummarypage
%\thesisdedicationpage %% Generate the dedication page.
\begin{thesisacknowledgments} %% Use this to write your
%% acknowledgments; it can be anything
This research has been a significant undertaking that I could not have accomplished without the support and guidance of so many different people.
First and foremost, my thanks go to Dr. Stefan Weber, who has been an incredible support through all the trials and tribulations of this project. His insights, patience and guidance have been second-to-none.
Special mentions go to Jason Flood of IBM Ireland, Michel Oosterhof of the Cowrie project, and Tony Winters of Optum Ireland who offered valuable insights and guidance on the way forward at various points during this research.
I am incredibly fortunate to have a wonderful support network: To Tushti, Isla and {\'E}amon, thank you for listening to all of my ranting and raving and for being there to offer your advice, opinions and help with my issues (whether technical or motivational)!
Lastly and most importantly of all, to my loving family - Mom, Dad, Romy and Holly - and my incredible partner Breand{\'a}n. You have invested so much in support of my dreams and aspirations, and I could never have accomplished any of this without you.
\end{thesisacknowledgments} %% allowed in LaTeX2e par-mode.
\null\vfill
{\centering
\parbox{\textwidth}{%
All warfare is based on deception. \\
Hence, when we are able to attack, we must seem unable; \\
When using our forces, we must appear inactive; \\
When we are near, we must make the enemy believe we are far away; \\
When far away, we must make him believe we are near.\par\bigskip
}
\raggedleft\Large{ - Sun Tzu, \textit{The Art of War}}\par%
}
\vfill\vfill
%% Adding subsections (using \paragraph and \subparagraph) - depth of 5 subsections
\setcounter{secnumdepth}{5}
%% Below command sets what maximum sub-level is shown in the table of contents
\setcounter{tocdepth}{3}
\begin{thesisabstract}
The Internet is becoming an increasingly hostile environment, and though the deployment of security technologies is steadily improving over time, there is a huge and increasing gap between current technological threats and the measures in place to mitigate them.
This research has focused on providing enhanced security through incident monitoring, devising a highly deployable cyber-incident monitoring system to consolidate threat intelligence collected from a network of honeypots. This approach promotes reactivity in the face of increased uncertainty about the nature of attacks, emphasising an active rather than passive approach to securing modern infrastructures, which have seen an unprecedented growth in connectivity in critical services including health, transport and energy.
In particular, much attention in this research has focused on how such a system can feasibly provide active network defence for organisations in a way that is both practical and usable to operate and maintain. The use of containers and Platform-as-a-Service solutions in the deployment of security applications is an area where there is huge potential in this regard.
While research and industry projects have explored these uses of honeypots before, including in the context of cyber-incident monitoring, this research distinguishes itself by providing a fully-networked system of honeypots packaged as a single deployable unit which can be hosted in Linux-based environments to provide active network defence in modern IT infrastructures.
Attention has also been given to the adaptation of honeypot design to more effectively entice attacks and hence provide improved threat detection, something for which limited conclusive research exists. The exponential increase in connectivity of systems which were traditionally isolated motivates the targeting of such designs at Internet-of-Things botnets, automated attackers whose activities are a growing threat to critical service infrastructures.
\end{thesisabstract}
\tableofcontents %% Generate table of contents.
\listoftables %% Uncomment this to generate list of tables.
\listoffigures %% Uncomment this to generate list of figures.
\include{Chapters/chapter1} %% INTRODUCTION
\include{Chapters/chapter2} %% STATE OF THE ART
\include{Chapters/chapter3} %% PROBLEM FORMULATION
\include{Chapters/chapter4} %% DESIGN
\include{Chapters/chapter5} %% IMPLEMENTATION
\include{Chapters/chapter6} %% EVALUATION
\include{Chapters/chapter7} %% CONCLUSION
\begin{appendix}
\include{appendix1} %% ABBREVIATIONS
\end{appendix}
%
\bibliographystyle{ieeetr}
\bibliography{dissertation}
%\addcontentsline {toc}{chapter}{Bibliography} %% Force Bibliography to appear in contents
\end{document} %% END THE DOCUMENT