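Title: Deploying the "Zeek IDS" tool and its subsequent use for analysing suspicious activity on the network (original title: Desplegar l'eina "Zeek IDS" i la seva posterior explotació per a l'anàlisi d'activitats sospitoses a la xarxa)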
Author: Adell Barbarà, Adrià
Director: García Font, Víctor
Tutor: Guaita Pérez, Borja
Keywords: network analysis; computer security
Issue Date: 2-Jun-2020
Publisher: Universitat Oberta de Catalunya (UOC)
Abstract: With the growing need to protect information (confidentiality, integrity and availability), the purpose of this work is to detect different security problems in a local network by using an intrusion detection system (IDS) and to display them in dashboards to allow an early reaction to detected threats. In this work we study not only the detection capabilities offered by Zeek IDS (brute force attacks, SQL injection, etc.) but also, through its integration with ELK Stack (Elasticsearch, Logstash and Kibana), how to enrich the data in order to detect connections to fraudulent websites or downloads of dangerous files in real time, with up-to-date detection sources thanks to the integrations with Intel Critical Stack and in-line queries to VirusTotal. To develop this project, Zeek IDS was deployed on a Raspberry Pi 4 and ELK Stack was installed on a virtual Ubuntu Server; in addition, four security dashboards were created. Performance tests show that installing an IDS combined with ELK significantly raises the level of security in any network. Finally, the results have been satisfactory: the system detects different suspicious activities in the network in real time and, thanks to the security dashboards, allows us to see the threats and intervene when necessary.
Language: Catalan
Appears in Collections: Bachelor thesis, research projects, etc.

Files in This Item:
File | Description | Size | Format
adriaadellTFM0620memòria.pdf | TFM report | 4.9 MB | Adobe PDF
adriaadellTFM0620presentació.pdf | TFM presentation | 7.9 MB | Adobe PDF

This item is licensed under a Creative Commons License.