Please use this identifier to cite or link to this item:
http://hdl.handle.net/2445/209364
Title: | Sistema de detecció d'amenaces cibernètiques (Cyber threat detection system) |
Author: | Cirera Bosch, Arnau |
Director/Tutor: | López de Miguel, Manuel; Roca Cánovas, Raúl |
Keywords: | Computer security; Computer network security; Development of application software; Computer software; Bachelor's theses |
Issue Date: | 17-Jan-2024 |
Abstract: | [en] An IT infrastructure exposed to the Internet needs to protect itself against potential cyberattacks that could stop the service it provides or compromise the integrity of the data it contains. To keep control over the cybersecurity of an infrastructure, organizations monitor their systems with threat detection solutions so that they can manage the incidents that occur. This project aims to develop a unified and self-scalable cyber threat detection solution that allows an IT network to be monitored in a simple and visual way for the user. This involves, first, monitoring various aspects, such as logs from applications and network devices, network traffic, alerts from intrusion detection systems, file modifications and events from end devices (servers and personal computers). This information will then be centralized and filtered with a cyber threat detection system based on detection rules, which will generate alerts that will be displayed on a set of control panels so that incidents occurring in the infrastructure can be managed. The system will be deployed using Kubernetes, an open source platform for automating the deployment, scaling and management of containerized applications. This makes it possible to deploy different solutions in containers in an automatic and scalable way to a cloud infrastructure, thus facilitating the creation of microservice-based solutions that need a reliable and effectively scalable system. The core of threat detection will be provided by the Wazuh solution, a free and open source security platform that unifies XDR (Extended Detection and Response) and SIEM (Security Information and Event Management) capabilities. It contains different modules that add functionality to the system, such as rule-based threat detection, log centralization, text analysis and search, active and remote response to security incidents, software vulnerability analysis and regulatory compliance control (such as PCI DSS, GDPR and CIS, among others). |
Note: | Bachelor's final projects in Computer Engineering, Faculty of Mathematics, Universitat de Barcelona, Year: 2024, Directors: Manuel López de Miguel and Raúl Roca Cánovas |
URI: | http://hdl.handle.net/2445/209364 |
Appears in Collections: | Software - Student works; Bachelor's final projects (TFG) - Computer Engineering |
Files in This Item:
File | Description | Size | Format |
---|---|---|---|
tfg_cirera_bsch_arnau.pdf | Thesis report | 3.65 MB | Adobe PDF |
codi.zip | Source code | 1.5 MB | zip |
This item is licensed under a Creative Commons License