End Point Detection and Response for Linux Systems

Overview

We develop an Endpoint Detection and Response (EDR) system for Linux systems using open-source tools: osquery agents on the endpoints, a Fleet server to manage them, and Elastic for storage and search. Building an in-house EDR rather than relying on commercial EDR products gives us both the knowledge and the technical capability to detect and investigate security incidents. We discuss the architecture of the system and the advantages this design offers. Specifically, in our method, all endpoint logs are collected at a common server, which lets us correlate events occurring on different endpoints and automatically detect threats such as lateral movement and pivoting that are invisible in any single endpoint's logs.
Active from 2020
Funding: MeitY through the NCETIS at IITB
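As an added illustration of the cross-endpoint correlation described above (example code, not the project's own), the following Python sketch merges constructed osquery-style events from several endpoints at one place and flags a login chain ws01 to srv12 to db30 as a pivot. The event field names, the host-to-IP map and the time windows are constructed assumptions; real osquery tables and Fleet/Elastic field names differ.

```python
"""Cross-endpoint correlation over centrally collected endpoint events.

Added example, not code from the project described on this page.  The
event shape (host, ts, event, src, dst, port) is a constructed stand-in
for osquery output once it has been shipped to Fleet/Elastic.
"""
from datetime import datetime, timedelta

# Constructed sample stream as it looks after merging logs from all endpoints.
EVENTS = [
    {"host": "ws01",  "ts": "2020-06-01T10:00:00", "event": "socket_connect", "dst": "10.0.0.12", "port": 22},
    {"host": "srv12", "ts": "2020-06-01T10:00:03", "event": "login", "src": "10.0.0.5", "user": "deploy"},
    {"host": "srv12", "ts": "2020-06-01T10:04:10", "event": "socket_connect", "dst": "10.0.0.30", "port": 22},
    {"host": "db30",  "ts": "2020-06-01T10:04:12", "event": "login", "src": "10.0.0.12", "user": "deploy"},
    {"host": "ws02",  "ts": "2020-06-01T11:00:00", "event": "socket_connect", "dst": "10.0.0.12", "port": 443},
]
# Constructed inventory mapping each managed endpoint to its address.
HOST_IP = {"ws01": "10.0.0.5", "srv12": "10.0.0.12", "db30": "10.0.0.30", "ws02": "10.0.0.6"}


def correlate_hops(events, host_ip, window=timedelta(seconds=60)):
    """Pair an outbound SSH connect seen on one endpoint with a login seen on
    the target endpoint that arrives from the first endpoint's address within
    `window`.  Returns (src_host, dst_host, login_time): one lateral hop each."""
    ip_to_host = {ip: h for h, ip in host_ip.items()}
    connects = [e for e in events if e["event"] == "socket_connect" and e["port"] == 22]
    logins = [e for e in events if e["event"] == "login"]
    hops = []
    for c in connects:
        t0 = datetime.fromisoformat(c["ts"])
        target = ip_to_host.get(c["dst"])
        for lg in logins:
            t1 = datetime.fromisoformat(lg["ts"])
            if (lg["host"] == target and lg["src"] == host_ip[c["host"]]
                    and timedelta(0) <= t1 - t0 <= window):
                hops.append((c["host"], target, t1))
    return hops


def find_pivot_chains(hops, window=timedelta(minutes=10)):
    """A hop A->B followed by a hop B->C within `window` is a pivot: the second
    hop originates from the endpoint that was just logged into.  Neither
    endpoint alone can show this; it only appears once the logs are merged."""
    chains = []
    for a, b, t_ab in hops:
        for b2, c, t_bc in hops:
            if b2 == b and c != a and timedelta(0) <= t_bc - t_ab <= window:
                chains.append((a, b, c))
    return chains


if __name__ == "__main__":
    print(find_pivot_chains(correlate_hops(EVENTS, HOST_IP)))
```

The 443 connection from ws02 is ignored because no login on srv12 from its address follows; widening the rule to other remote-access ports is a matter of the port filter in `correlate_hops`.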

People

Manjesh Kumar Hanawal

Arjun Sable

Devesh Sawant

Sunil

Outcome
  • trustlabcse.iitb.ac.in
  • +91-22-2159-6725
  • Department of Computer Science and Engineering
    Indian Institute of Technology Bombay
    Powai, Mumbai 400076