Please use this identifier to cite or link to this item: http://hdl.handle.net/2445/209364
Title: Cyber threat detection system (original title: Sistema de detecció d'amenaces cibernètiques)
Author: Cirera Bosch, Arnau
Director/Tutor: López de Miguel, Manuel
Roca Cánovas, Raúl
Keywords: Computer security
Computer network security
Development of application software
Computer software
Bachelor's theses
Issue Date: 17-Jan-2024
Abstract: [en] An IT infrastructure exposed to the Internet needs to protect itself against potential cyberattacks that could stop the service it provides or compromise the integrity of the data it contains. To keep control over the cybersecurity of an infrastructure, organizations monitor their systems with threat detection solutions so that they can manage the incidents that occur. This project aims to develop a unified and self-scaling cyber threat detection solution that allows an IT network to be monitored in a simple and visual way for the user. This involves, on the one hand, monitoring various sources, such as application and network device logs, network traffic, alerts from intrusion detection systems, file modifications and events from end devices (servers and personal computers). This information will then be centralized and filtered by a cyber threat detection system based on detection rules, which will generate alerts to be displayed on a set of dashboards so that incidents occurring in the infrastructure can be managed. The system will be deployed using Kubernetes, an open source platform for automating the deployment, scaling and management of containerized applications. This makes it possible to deploy the different solutions as containers in an automatic and scalable way on a cloud infrastructure, thus facilitating the creation of microservice-based solutions that need a reliable and scalable system. The core of threat detection will be provided by Wazuh, a free and open source security platform that unifies XDR (Extended Detection and Response) and SIEM (Security Information and Event Management) capabilities. It contains different modules that bring different functionalities to the system, such as rule-based threat detection, log centralization, text analysis and search, active and remote response to security incidents, software vulnerability analysis and regulatory compliance control (such as PCI DSS, GDPR and CIS, among others).
Note: Final Degree Projects in Computer Engineering, Facultat de Matemàtiques, Universitat de Barcelona, Year: 2024, Supervisors: Manuel López de Miguel and Raúl Roca Cánovas
URI: http://hdl.handle.net/2445/209364
Appears in Collections: Final Degree Projects (TFG) - Computer Engineering
Software - Student works

Files in This Item:
File                       | Description             | Size    | Format
tfg_cirera_bsch_arnau.pdf  | Report (Memòria)        | 3.65 MB | Adobe PDF
codi.zip                   | Source code (Codi font) | 1.5 MB  | zip

This item is licensed under a Creative Commons License.