Logo do repositório
 
Publicação

Deteção de acessos suspeitos de utilizadores nominais em BDs

2025Dissertação de mestrado Acesso aberto
Ver registo simples
dc.contributor.advisorRespício,Ana Luísa do Carmo Correia
dc.contributor.advisorRamalho,Ricardo Gonçalves
dc.contributor.authorAntónio,Francisco Romba
dc.contributor.institutionFaculdade de Ciências
dc.contributor.institutionDepartamento de Informática 
dc.date.accessioned2026-01-19T17:25:03Z
dc.date.available2026-01-19T17:25:03Z
dc.date.issued2025
dc.descriptionTese de Mestrado, Segurança Informática, 2025, Universidade de Lisboa, Faculdade de Ciências
dc.description.abstractThe detection of suspicious access to data bases is essential to protect critical information in organizations within the Information and Communication Technologies (ICT) sector, such as MEO. With increasing digitalization, databases have become both strategic assets and potential targets for threats. In this context, the Cyber security Department (DCY) at MEO has prioritized the implementation of monitoring mechanisms that ensure the confidentiality, integrity, and availability of information. This project aimed to develop an automated solution to detect suspicious access by nominal users, combining continuous monitoring, behavioral analysis, incident reporting, and integration with rapid response capabilities. The solution was structured around three use cases: (1) HouseKeepingDB, designed to identify database accounts associated with employees who have left the company; (2) AccountSharing, focused on detecting improper use or credential sharing; and (3) DBAMonitoring, aimed at detecting access to critical data by database administrators. Each use case includes data collection and normalization, detection of suspicious behavior, and automatic generation of evidence and reports, forming a complete monitoring and alerting system. Validation of a real-world sample produced relevant results: in HouseKeepingDB, 13.51% of analyzed accounts belonged to former employees, with 3.11% still active; in AccountSharing, 99% of cases involved application accounts accessed by nominal users, with severity scores ranging from 2.5 to 6.25; and in DBA monitoring, one legitimate access to critical data was correctly flagged by the system. The results confirm the robustness and reliability of the proposed approach, strengthening information security, operational resilience, and compliance with the RGPD.en
dc.formatapplication/pdf
dc.identifier.tid204174945
dc.identifier.urihttp://hdl.handle.net/10400.5/116717
dc.language.isopor
dc.subjectDatabases
dc.subjectGDPR
dc.subjectSuspicious accesses
dc.subjectAutomation
dc.titleDeteção de acessos suspeitos de utilizadores nominais em BDspt
dc.typemaster thesis
dspace.entity.typePublication
rcaap.rightsopenAccess

Ficheiros

Principais
A mostrar 1 - 1 de 1
Miniatura
Nome:
TM_Francisco_Antonio.pdf
Tamanho:
13.74 MB
Formato:
Adobe Portable Document Format
Ver/Abrir

Coleções

Pure > Dspace
PURE > Dspace - Faculdade de Ciências