Please use this identifier to cite or link to this item: http://hdl.handle.net/10609/107246
Title: Implementation of a low-cost IDS for home or small-business use (Implementación de un IDS de bajo coste para uso doméstico o en la pequeña empresa)
Author: Gómez Fernández, Sadoht
Director: Rifà-Pous, Helena  
Tutor: Caparrós, Joan  
Abstract: The goal of this project is to find a low-cost security solution, aimed at the family home and small businesses, that detects malicious or anomalous behavior on the local network, alerts the administrator, and supports analysis of the state of the network and the origin of events. For this purpose, a Wi-Fi access point was installed whose traffic is analyzed by Suricata (an intrusion detection system), with all security events stored in the Elasticsearch database. The installation was completed with Kibana to visualize all the stored data and ElastAlert to send notifications to the administrator. Once a functional system was achieved with the chosen tools, alternative topologies were studied, analyzing the cost of implementing each one along with its advantages and disadvantages. Furthermore, a Telegram bot was developed to help link the IP address of each event to its respective device and user. With this data, a dashboard was generated in Kibana to show security information and network usage, in order to help detect anomalous behavior. Finally, tests were run to demonstrate the detection capabilities of Suricata and to observe the general functionality of the system, visualizing the data in Kibana and receiving the relevant notifications.
Keywords: intrusion detection system; Suricata; Wi-Fi; ELK Stack
Document type: info:eu-repo/semantics/masterThesis
Issue Date: 31-Dec-2019
Publication license: http://creativecommons.org/licenses/by-nc-sa/3.0/es/  
Appears in Collections: Final degree projects, research papers, etc.

Files in This Item:
File: sgomezfeTFM1219memoria.pdf
Description: Master's thesis report (Memoria del TFM)
Size: 1,56 MB
Format: Adobe PDF