Duration: 5-10 months
Context: HBO/WO thesis
In the Security Operations environment valid vulnerability scanning activity often results in a flow of false positives, burdening the analyst. At the same time attackers could use similar scanning tools and techniques to engage in reconnaissance efforts. This research is focused on trying to distinguish those two types of activities, using machine based learning techniques.
Research a scoped number vulnerability scanning tools and techniques and the resulting patterns. define MBL approach, produce a PoC on how detection could work, using a combination of tools, such as Suricata, Bro, etc.
Please share your CV and motivation with us (vacature[at]fox-it.com). In case of questions please send us an email (vacature[at]fox-it.com).