Standards and practices necessary to implement a successful security review program for intrusion management systems

Doruk, Alpay

Please use this identifier to cite or link to this item: https://hdl.handle.net/11147/3706

Full metadata record

DC Field	Value	Language
dc.contributor.advisor	Tuğlular, Tuğkan	en
dc.contributor.author	Doruk, Alpay	-
dc.date.accessioned	2014-07-22T13:52:11Z	-
dc.date.available	2014-07-22T13:52:11Z	-
dc.date.issued	2002	en
dc.identifier.uri	http://hdl.handle.net/11147/3706	-
dc.description	Thesis (Master)--Izmir Institute of Technology, Computer Engineering, Izmir, 2002	en
dc.description	Includes bibliographical references (leaves: 84-85)	en
dc.description	Text in English; Abstract: Turkish and English	en
dc.description	viii, 91 leaves	en
dc.description.abstract	Intrusion Management Systems are being used to prevent the information systems from successful intrusions and their consequences. They also have detection features. They try to detect intrusions, which have passed the implemented measures. Also the recovery of the system after a successful intrusion is made by the Intrusion Management Systems. The investigation of the intrusion is made by Intrusion Management Systems also. These functions can be existent in an intrusion management system model, which has a four layers architecture. The layers of the model are avoidance, assurance, detection and recovery. At the avoidance layer necessary policies, standards and practices are implemented to prevent the information system from successful intrusions. At the avoidance layer, the effectiveness of implemented measures are measured by some test and reviews. At the detection layer the identification of an intrusion or intrusion attempt is made in the real time. The recovery layer is responsible from restoring the information system after a successful intrusion. It has also functions to investigate the intrusion. Intrusion Management Systems are used to protect information and computer assets from intrusions. An organization aiming to protect its assets must use such a system. After the implementation of the system, continuous reviews must be conducted in order to ensure the effectiveness of the measures taken. Such a review can achieve its goal by using principles and standards. In this thesis, the principles necessary to implement a successful review program for Intrusion Management Systems have been developed in the guidance of Generally Accepted System Security Principles (GASSP). These example principles are developed for tools of each Intrusion Management System layer. These tools are firewalls for avoidance layer, vulnerability scanners for assurance layer, intrusion detection systems for detection layer and integrity checkers for recovery layer of Intrusion Management Systems.	en
dc.language.iso	en	en_US
dc.publisher	Izmir Institute of Technology	en
dc.rights	info:eu-repo/semantics/openAccess	en_US
dc.subject.lcc	TK5105.59 D67 2002	en
dc.subject.lcsh	Computer networks--Security measures	en
dc.subject.lcsh	Firewalls (Computer security)	en
dc.title	Standards and practices necessary to implement a successful security review program for intrusion management systems	en_US
dc.type	Master Thesis	en_US
dc.institutionauthor	Doruk, Alpay	-
dc.department	Thesis (Master)--İzmir Institute of Technology, Computer Engineering	en_US
dc.relation.publicationcategory	Tez	en_US
item.grantfulltext	open	-
item.openairecristype	http://purl.org/coar/resource_type/c_18cf	-
item.cerifentitytype	Publications	-
item.openairetype	Master Thesis	-
item.languageiso639-1	en	-
item.fulltext	With Fulltext	-
Appears in Collections:	Master Degree / Yüksek Lisans Tezleri