| Name | Description | Size | Format |
|---|---|---|---|
| | | 1.11 MB | Adobe PDF |
Advisor(s)
Abstract(s)
In the current era, where digital interconnectivity has become ubiquitous, cyberattacks are increasingly prominent. As our society becomes more reliant on connectivity, with online shopping, email access, consumption of digital media, and the growing adoption of remote work driven by the COVID-19 pandemic, the security of corporate networks assumes a critical role. Companies often face challenges in implementing adequate security measures, primarily due to budget constraints or lack of knowledge. The objective of this dissertation is to study the performance of machine learning algorithms in detecting illegitimate access to a corporate network. To achieve this goal, a network topology that emulates the access services of a corporate network will be developed. Subsequently, legitimate and illegitimate accesses will be carried out, the latter based on Denial of Service attacks. From the data obtained in these attacks, a dataset was constructed and later used to train several machine learning algorithms, which were analyzed in the context of detecting unauthorized access to a corporate network. Based on the results of the tested machine learning algorithms, a framework was developed that automates the detection and blocking of illegitimate accesses, using the information extracted by the various models to alter the firewall configuration. This framework was validated through the evaluation of new accesses, representing an important step in the pursuit of corporate network security in a highly interconnected environment.
Description
Dissertation submitted for the degree of Master in Electronics and Telecommunications Engineering
Keywords
Corporate networks; Denial-of-service attacks; Automation; Machine learning
Citation
Júnior, José Hélder Gonçalves Tavres - Gestão preditiva de ataques de negação de serviço em redes corporativas [Predictive management of denial-of-service attacks in corporate networks]. Lisboa: Instituto Superior de Engenharia de Lisboa, 2023. Master's dissertation