Master's in Telecommunications
Permanent URI for this collection: http://repositorio.uta.edu.ec/handle/123456789/32901
Deep Packet Inspection on the Mikrotik border router of an ISP's network in order to identify and prevent external attacks.
(Universidad Técnica de Ambato, Faculty of Systems, Electronics and Industrial Engineering, Master's in Telecommunications, 2021)
López Narváez, Santiago Martín; Guevara Aulestia, David Omar

The protection and availability of network infrastructure equipment are affected by the increase in cyberattacks. For this reason, methods are needed to reduce the negative impact caused by attacks. It is essential that any small, medium, or large business has proper network security to protect itself. Similarly, an Internet Service Provider (ISP) must be fully secured, so that its customers have service without interruption and the information they exchange on the internet is properly protected. This research project proposes a tool to detect DDoS attacks using DPI and NetFlow, deployed at the border of the ISP's network. The detection algorithm is written in Python and was tested on the ISP's network for eight days, obtaining 92% true positives in the detection of cyberattacks. The NetFlow collector uses Elasticsearch and Kibana, which allows the collected information to be presented in an orderly manner and graphs of interest to the ISP to be created. The developed script communicates with the ISP's Mikrotik border router to block the attack source IP. With this tool, the ISP gains a layer of security and can offer greater availability to its customers.