Design and development of a translation and enforcement module for cybersecurity policies

Monje Real, Fernando (2018). Design and development of a translation and enforcement module for cybersecurity policies. Proyecto Fin de Carrera / Trabajo Fin de Grado, E.T.S.I. Telecomunicación (UPM), Madrid.

Description

Title: Design and development of a translation and enforcement module for cybersecurity policies
Author/s:
  • Monje Real, Fernando
Contributor/s:
  • Romero Ibáñez, Irene
Item Type: Final Project
Degree: Grado en Ingeniería de Tecnologías y Servicios de Telecomunicación
Date: 2018
Subjects:
Freetext Keywords: Cyber Attack, Risk, Cyber Security, Iptables, Firewall, Automatic Response System, Security Policies
Faculty: E.T.S.I. Telecomunicación (UPM)
Department: Ingeniería de Sistemas Telemáticos [hasta 2014]
Creative Commons Licenses: Recognition - No derivative works - Non commercial

Full text

[img]
Preview
PDF - Requires a PDF viewer, such as GSview, Xpdf or Adobe Acrobat Reader
Download (1MB) | Preview

Abstract

Nowadays, cyber attacks constitute a bigger threat to organizations than before,given the higher sophistication of those attacks, their growing propagation velocity and the increase of their destructive capabilities. This problem requires solutions capable of answering in real time and automatically. This Bachelor Thesis proposes a possible solution: the development of a system capable of translating a high level security policy designed by an organization into another low level policy, so that it can be interpreted by the elements of the network in charge of the security. This conversion process is performed after the calculation of a risk level of the organization, according to which the aforementioned translation will be executed. This risk calculation will be carried out using the data obtained by an IDS monitoring the organization’s network. Once the kind of threat is detected, a certain risk level is inferred. Afterwards, the high level policy corresponding to that risk level will be translated into an intermediate level. This intermediate policy takes into account the topology of the network but it is still impossible to understand by the elements in charge of the network security, such as the firewalls. Finally, the translation will be carried out at a low level using an independent module. In this case, the chosen firewall is Iptables, and the set of rules created must be in the proper format. These rules are now understandable by firewalls and therefore, can be automatically deployed in the network.

More information

Item ID: 51999
DC Identifier: http://oa.upm.es/51999/
OAI Identifier: oai:oa.upm.es:51999
Deposited by: Biblioteca ETSI Telecomunicación
Deposited on: 04 Sep 2018 07:44
Last Modified: 04 Sep 2018 07:44
  • Logo InvestigaM (UPM)
  • Logo GEOUP4
  • Logo Open Access
  • Open Access
  • Logo Sherpa/Romeo
    Check whether the anglo-saxon journal in which you have published an article allows you to also publish it under open access.
  • Logo Dulcinea
    Check whether the spanish journal in which you have published an article allows you to also publish it under open access.
  • Logo de Recolecta
  • Logo del Observatorio I+D+i UPM
  • Logo de OpenCourseWare UPM