Please use this identifier to cite or link to this item:

http://hdl.handle.net/10609/107187
Title: Desplegar la herramienta "Zeek IDS" y su posterior explotación para el análisis de actividades sospechosas en la red
Author: Farré López, Xavier
Director: García Font, Víctor
Tutor: Guaita Pérez, Borja
Keywords: Elastic
monitoring
IDS
suspicious activities
network traffic
Issue Date: 31-Dec-2019
Publisher: Universitat Oberta de Catalunya (UOC)
Abstract: The work covers the process of building a full monitoring system that, based on network traffic, identifies suspicious activities that could indicate a breach of the security of computer systems in a communications network. The purpose of the work was to have a complete low-cost monitoring system capable of detecting suspicious network traffic from reputation lists. The work was based on the use of Zeek IDS, as an intrusion detection system, responsible for analyzing network traffic; the Elastic stack, for active monitoring of network traffic; and MineMeld as a reputation list management tool. For the development of the work, a waterfall type methodology has been used, divided into different phases of a software development project: definition, analysis, construction and delivery. In addition, periodic progress reporting has been carried out. The result has been a complete monitoring system, in which network traffic has been simulated and registered in the monitoring dashboard, whose suspicious activities, based on reputation lists, have been identified for later analysis. It is concluded that, with the tools used, a complete monitoring system can be obtained, easily adaptable and extensible to the needs of any field of application, both business and private, and that the use of reputation lists is key to the identification of malicious activities in this type of systems.
Language: Spanish
URI: http://hdl.handle.net/10609/107187
Appears in Collections:Bachelor thesis, research projects, etc.

Share:
Export:
Files in This Item:
File Description SizeFormat 
ilogycTFM3119memoria.pdfMemoria del TFM3.92 MBAdobe PDFView/Open

This item is licensed under a Creative Commons License Creative Commons