Tesis Telecomunicaciones
Permanent URI for this collectionhttp://repositorio.uta.edu.ec/handle/123456789/34848
Browse
2 results
Search Results
Item Sistema de detección de intrusos (ids) para fortalecer la seguridad informática en la empresa Ambacar(Universidad Técnica de Ambato. Facultad de Ingeniería en Sistemas, Electrónica e Industrial. Carrera de Telecomunicaciones, 2025-02) Balseca Castro Josué Guillermo; Sánchez Zumba Andrea PatriciaNetwork security in corporate environments is crucial to safeguarding and ensuring the confidentiality, integrity, and availability of data and services, addressing a growing concern in cybersecurity. The development of an Intrusion Detection System (IDS) emerges as an effective solution to mitigate threats in a corporate setting. The methodology applied consisted of three stages. The first stage involved legal agreements, a grey-box reconnaissance phase, and threat analysis. Tools like Nmap were utilized, and under the PTE’s methodology, several critical vulnerabilities were identified in services such as SMB, OpenSSH, RDP, and insecure SSL configurations, which exposed corporate data to potential MiTM and DoS attacks. The second stage focused on the implementation and configuration of the IDS using Suricata, alongside the integration of a visualization system with the ELK Stack. Finally, in the third stage, the IDS’s functionality was validated through simulated attacks, including Slowloris exploits, EternalBlue, DoS attacks, and MiTM scenarios. After allowing the IDS to mature, a high volume of events from legitimate traffic was identified, leading to the implementation of thresholds to filter events and prioritize critical alerts. This optimization enhanced the system’s efficiency in detecting real threats, ensuring more accurate responses. By the end of the process, the system achieved 100% precision in threat detection with an average response time of 25.16 seconds. It enabled the generation of precise alerts and detailed reports, which will be utilized by IT personnel for audits.Item Soluciones de seguridad en sistemas iot de hogares inteligentes para mitigar riesgos y vulnerabilidades mediante la realización de pruebas de penetración(Universidad Técnica de Ambato. Facultad de Ingeniería en Sistemas, Electrónica e Industrial. Carrera de Telecomunicaciones, 2024-02) Araujo Robalino, María Isabel; Cuji Rodríguez, Julio EnriqueThe Internet of Things (IoT) is revolutionizing the intercommunication between smart home devices. However, the security of these systems faces security challenges as more devices are incorporated, so effective solutions are needed to protect sensitive data and information integrity. The IoT system designed for this research is made up of a variety of devices common in smart homes, such as lights, switches, plugs, security cameras, motion sensors, and an "Alexa" voice assistant. Penetration testing on this system uses the Stride model, which analyzes six categories of threats: spoofing, data tampering, repudiation, information disclosure, denial of service, and elevation of privilege; to identify specific risks and vulnerabilities. Based on these results, measures are established to ensure the security of the system, including limiting access to authorized devices, assigning static IP addresses, and strong passwords in the router's configuration. In addition, specific tools are incorporated in the machine to monitor and control data traffic, allowing users to supervise their network’s status. The evaluation of the effectiveness of these measures reveals a mitigation of vulnerabilities of up to 64,052% in the total system. This highlights the effectiveness of the security measures applied. This high percentage of mitigation evidences the robustness of the system in protecting against possible attacks and guarantees a more secure environment for the system's IoT devices