Please use this identifier to cite or link to this item:
Title: Desplegar la herramienta "Bro IDS" y su posterior explotación para el análisis de actividades sospechosas en la red
Author: Mezquida Salva, Carlos
Director: García Font, Víctor
Tutor: Guaita Pérez, Borja
Keywords: network security
network analysis
computer security
Issue Date: 28-Dec-2019
Publisher: Universitat Oberta de Catalunya (UOC)
Abstract: News about attacks, data theft, computer encryption,... in organizations and companies is becoming more frequent. Security tasks are an important pillar for the stability of organizations and companies. For this reason it is necessary to implement all possible security measures to identify threats. One of the most interesting measures at the network level is the NIDS. NIDS are network intrusion detection tools that allow us to analyze the network of our organizations. Some NIDS tools are Snort, Suricata and Zeek tools (formerly known as Bro IDS). This Project analyzes the Zeek tool for the early detection of threats and their subsequent explotation through a control panel offered by the Elastic stack (Elasticsearch, Logstash and Kibana). I use IntelMQ as a tool of intelligence to add a reputation list to the system. Alarm mechanisms have been developed to notify of possible events of malicious activity in the network as an improvement to the detection I defined a series of stages, a general objective and the objectives of research, implementation and delivery of documentation. The result obtained from the Project is the implementation and integration of Zeek tools and reputation lists for later exploitation through a simple control panel. As for the conclusions of the Project, it can be affirmed that NIDS tools are very useful tools for the early detection of network anomalies and that they can be key to threat identification.
Language: Spanish
Appears in Collections:Bachelor thesis, research projects, etc.

Files in This Item:
File Description SizeFormat 
carlosmezquidaTFM1219memoria.pdfMemoria del TFM4.08 MBAdobe PDFView/Open

This item is licensed under a Creative Commons License Creative Commons