Implementació d'una plataforma de gestió i visualització de ciberatacs

Abstract

[en] In this final degree work, a platform has been developed to store and visualize cyber-attacks, as well as to manage multiple organizations in this field. The visualization has been done by projecting the strategic geographical coordinates - offices, which are the destination of the attacks, and the origin of the attacks itself - on two dynamic maps, using the Leaflet library of geographical data representation for Javascript. The responsibility for securing the resource API has been divided between the API itself, which is responsible for differentiating which users can access each resource, and the API that provides tokens, so that the users of the project are not tied to the resource API, and in case of extending the set of projects of the hypothetical company that has developed this project, users could use the new projects with the same account that they have created for this one. A comparison of technologies, including databases, frameworks for front end, back end, and containers, has been made, and has ended up exploring the MongoDB and PostgreSQL databases - as well as their respective development ecosystems for Windows -, the React framework for Javascript, the Flask framework for Python, the Swagger documentation tool, the bearer token type and the Docker container. As context, the main typology of online cyber-attacks was learned, as well as the most common strategies by attackers.