Publicação
Desenvolvimento de um Sistema de Partilha de Informações Sobre Ameaças à Cibersegurança
| datacite.subject.fos | Departamento de Informática | pt_PT |
| dc.contributor.advisor | Respício, Ana Luísa do Carmo Correia, 1965- | |
| dc.contributor.author | Pilré, Rafael Nuno de Freitas | |
| dc.date.accessioned | 2024-12-16T15:24:11Z | |
| dc.date.available | 2024-12-16T15:24:11Z | |
| dc.date.issued | 2024 | |
| dc.date.submitted | 2024 | |
| dc.description | Trabalho de projeto de mestrado, Engenharia Informática, 2024, Universidade de Lisboa, Faculdade de Ciências | pt_PT |
| dc.description.abstract | Robust cybersecurity procedures are crucial today, given the increasing cyber threats and the rapidly evolving digital environment, especially for large corporations like Altice Portugal. The world is becoming increasingly dependent on digital technologies, which means that stringent cybersecurity measures are more necessary than ever. This project recognizes the vital role that Threat Intelligence (TI) plays in strengthening defenses against zero-day threats, embarking on a critical investigation of cybersecurity concerns in this dynamic environment. The goal of this project is the creation of a new central system whose goal is to collect cybersecurity threats from several sources, including 0-day-threats integrating all this information in the Altice Portugal MISP. During the project, existing information sources were evaluated and new sources of vulnerabilities, exploits, and malware were explored, comparing the data with the company’s internal knowledge to assess the relevance of these threats. Threats identified as zeroday are stored in MISP, allowing for better management and sharing of information about cyber threats. Additionally, the project aims to obtain information that could compromise the company’s assets, integrating indicators of compromise (IOCs) into QRadar and Graylog, thereby improving the ability to monitor and respond quickly to threats. Furthermore, a detailed asset inventory was conducted at the application level, gathering information about applications running on the company’s servers and PCs. With the new system, there was an anticipation in obtaining information about zero-day threats, and threats were identified that, even after a month, had still not been adequately described by internal correlation sources. | pt_PT |
| dc.identifier.tid | 203875753 | |
| dc.identifier.uri | http://hdl.handle.net/10400.5/96384 | |
| dc.language.iso | por | pt_PT |
| dc.subject | Vulnerabilidades | pt_PT |
| dc.subject | Threat Intelligence | pt_PT |
| dc.subject | Dia-Zero | pt_PT |
| dc.subject | Exploits | pt_PT |
| dc.subject | Malware | pt_PT |
| dc.subject | Trabalhos de projeto de mestrado - 2024 | pt_PT |
| dc.title | Desenvolvimento de um Sistema de Partilha de Informações Sobre Ameaças à Cibersegurança | pt_PT |
| dc.type | master thesis | |
| dspace.entity.type | Publication | |
| rcaap.rights | openAccess | pt_PT |
| rcaap.type | masterThesis | pt_PT |
| thesis.degree.name | Trabalho de projeto de mestrado em Engenharia Informática | pt_PT |