Ingeniería en Sistemas, Electrónica e Industrial
Permanent URI for this community: http://repositorio.uta.edu.ec/handle/123456789/1
2 results
Search Results
Item: Intrusion detection system (IDS) to strengthen information security at the company Ambacar
(Universidad Técnica de Ambato. Facultad de Ingeniería en Sistemas, Electrónica e Industrial. Carrera de Telecomunicaciones, 2025-02)
Balseca Castro Josué Guillermo; Sánchez Zumba Andrea Patricia
Network security in corporate environments is crucial to safeguarding and ensuring the confidentiality, integrity, and availability of data and services, addressing a growing concern in cybersecurity. The development of an Intrusion Detection System (IDS) emerges as an effective solution to mitigate threats in a corporate setting. The methodology applied consisted of three stages. The first stage involved legal agreements, a grey-box reconnaissance phase, and threat analysis. Tools like Nmap were utilized, and under the PTE’s methodology, several critical vulnerabilities were identified in services such as SMB, OpenSSH, RDP, and insecure SSL configurations, which exposed corporate data to potential MiTM and DoS attacks. The second stage focused on the implementation and configuration of the IDS using Suricata, alongside the integration of a visualization system with the ELK Stack. Finally, in the third stage, the IDS’s functionality was validated through simulated attacks, including Slowloris exploits, EternalBlue, DoS attacks, and MiTM scenarios. After allowing the IDS to mature, a high volume of events from legitimate traffic was identified, leading to the implementation of thresholds to filter events and prioritize critical alerts. This optimization enhanced the system’s efficiency in detecting real threats, ensuring more accurate responses. By the end of the process, the system achieved 100% precision in threat detection with an average response time of 25.16 seconds. It enabled the generation of precise alerts and detailed reports, which will be utilized by IT personnel for audits.

Item: Machine learning-based intrusion detection system (IDS) for network control at the Unidad Educativa “19 de Septiembre” in the city of Salcedo
(Universidad Técnica de Ambato. Facultad de Ingeniería en Sistemas, Electrónica e Industrial. Carrera de Tecnologías de la Información, 2025-02)
Lascano Banshuy Jairo Guillermo; Sánchez Zumba Andrea Patricia
The increasing sophistication of cyber threats highlights the need for robust solutions to protect institutional networks. This project focuses on the implementation of a Machine Learning-based Intrusion Detection System (IDS) for the "19 de Septiembre" Educational Unit. Initial network assessments revealed critical security vulnerabilities, including frequent connectivity issues, limited access, and user dissatisfaction, primarily caused by the lack of attention to cybersecurity within the institution. To address these challenges, a hybrid dataset was developed by combining real-time data collected through the IDS with publicly available datasets. This approach ensured the dataset's relevance and robustness, enhancing the model's accuracy in classifying benign traffic and detecting potential attacks. After evaluating various machine learning algorithms, Random Forest was selected due to its high adaptability, strong performance, and compatibility with the project's resource constraints. The trained model achieved exceptional results in terms of accuracy, recall, and overall reliability, providing a solid foundation for the IDS. This approach allows educational institutions and other organizational environments to proactively adapt to emerging cyber threats, which are constantly evolving in complexity and scope. By strengthening the network infrastructure, a secure and reliable environment is fostered, protecting both data and the institution's critical operations. Furthermore, this improvement contributes to ensuring user trust in the overall use of the infrastructure.