Please use this identifier to cite or link to this item:

http://hdl.handle.net/10609/118726
Title: Deploying the "Zeek IDS" tool and its subsequent use for analysing suspicious activity on the network
Author: Adell Barbarà, Adrià
Director: Borja Guaita Perez
Tutor: Victor Garcia Font
Keywords: Network analysis; Security
Issue Date: 2-Jun-2020
Publisher: Universitat Oberta de Catalunya (UOC)
Abstract: With the growing need to protect information (confidentiality, integrity and availability), the purpose of this work is to detect different security problems in a local network by using an intrusion detection system (IDS) and to display them in dashboards that allow an early reaction to detected threats. We study not only the detection capabilities offered by Zeek IDS (brute force attacks, SQL injection, etc.); through its integration with the ELK Stack (Elasticsearch, Logstash and Kibana) we are also able to enrich the data in order to detect connections to fraudulent websites or downloads of dangerous files in real time, with up-to-date detection sources thanks to the integrations with Intel Critical Stack and in-line queries to VirusTotal. To develop this project, Zeek IDS was deployed on a Raspberry Pi 4 and the ELK Stack was installed on a virtual Ubuntu Server; in addition, four security dashboards were created. Performance tests show that installing an IDS combined with ELK significantly raises the level of security in any network. Finally, the results have been satisfactory: the system detects different suspicious activities in the network in real time and, thanks to the security dashboards, allows us to see the threats and intervene when necessary.
Language: Catalan
URI: http://hdl.handle.net/10609/118726
Appears in Collections: Bachelor thesis, research projects, etc.

Files in This Item:
File | Description | Size | Format
AdellBarbaraAdria_TFM-AnalisiDeDades_Presentacio.pdf | TFM presentation | 7.97 MB | Adobe PDF
AdellBarbaraAdria_TFM-AnalisiDeDades_Memoria.pdf | TFM report | 5.43 MB | Adobe PDF

This item is licensed under a Creative Commons License.