Please use this identifier to cite or link to this item:
http://hdl.handle.net/10609/145446
Title: | Detección de intrusiones empleando técnicas de cyber-deception con credenciales señuelo en Directorio Activo (Intrusion detection using cyber-deception techniques with decoy credentials in Active Directory) |
Author: | Ruiz Mayorga, Luis |
Tutor: | Lopez Vicario, Jose |
Others: | Vilajosana, Xavier |
Abstract: | One of the main challenges that the cyberdefense industry faces is the early detection of security incidents to minimize the impact of cyberattacks. The attack techniques used by cybercriminals are becoming increasingly sophisticated. Thus, defense techniques must evolve accordingly. One of the many defensive security solutions is to deceive the enemies by guiding them to decoy networks and hosts (honeypots), which emulate real systems in a controlled environment. Nowadays, these honeypots have evolved towards approaches that focus on the distribution of decoys in real systems, which is known as deception techniques. This master's thesis focuses on a particular deception technique, based on the distribution of decoy credentials on computers in an Active Directory domain using the open source tool DCEPT. This tool implements a unique approach with no alternative in the open source community. The distributed decoy credentials belong to a real user, so they cannot be identified as fake. Likewise, the detection of the use of credentials is completely transparent to the Active Directory environment, by simply sniffing the traffic that arrives at the Domain Controllers. Moreover, there is no risk of these credentials being used by the attackers because they are not the correct ones for the real user. Although this approach is appealing, the DCEPT project has not been actively maintained by its developers and has become obsolete. This master's thesis aims to update, complete, and improve this tool to make it useful and accessible to the community so that this project can continue developing. |
Keywords: | cybersecurity telecommunications credentials |
Document type: | info:eu-repo/semantics/masterThesis |
Issue Date: | 5-Jun-2022 |
Publication license: | http://creativecommons.org/licenses/by/3.0/es/ |
Appears in Collections: | Final degree projects, research projects, etc. |
Files in This Item:
File | Description | Size | Format |
---|---|---|---|
lruizmayTFM0622dcept_server.zip | DCEPT code | 10,64 kB | Unknown |
lruizmayTFM0622network_captures.zip | Test traffic captures | 13,78 kB | Unknown |
lruizmayTFM0622presentación.pdf | Master's thesis presentation | 1,03 MB | Adobe PDF |
lruizmayTFM0622memoria.pdf | Master's thesis report | 1,51 MB | Adobe PDF |
This item is licensed under a Creative Commons License