Please use this identifier to cite or link to this item:
http://hdl.handle.net/10609/126847
Title: | Anàlisis i implementació d'un SIEM en l'àmbit empresarial (Analysis and implementation of a SIEM in the business environment) |
Author: | Malla Esqué, Jordi |
Director: | Garcia-Font, Victor |
Tutor: | Flores Terrón, Miguel Ángel |
Abstract: | This TFM explores the SIEM Wazuh with the Elastic Stack in order to analyse the logs generated in a system and evaluate them with machine learning to detect a ransomware attack with Cryptolocker. The solution was built in a business environment with an on-premise Docker configuration, and it uses the following platforms: the Elastic Stack to centralize storage and manage the logs, Wazuh to collect logs and generate security alerts, Elasticsearch's machine learning to detect and report security incidents, and finally MS Teams to centralize the collection of alerts. The findings of this POC have been satisfactory in terms of detecting this security incident with Elasticsearch's machine learning configuration, although it is recommended to extend the security solution with more options to increase protection, as this TFM is highly focused on a very specific security incident, and business security is more complex. |
Keywords: | SIEM Wazuh empresarial Elastic |
Document type: | info:eu-repo/semantics/masterThesis |
Issue Date: | 29-Sep-2020 |
Publication license: | http://creativecommons.org/licenses/by-nc-nd/3.0/es/ |
Appears in Collections: | Final degree projects, research projects, etc. |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
jmallaeTFM0920memòria.pdf | TFG report | 2,89 MB | Adobe PDF | View/Open |
This item is licensed under a Creative Commons License