Publication: Diseño e implementación de un monitor de acciones para dispositivos limitados
Loading...
Identifiers
Publication date
2009-06
Defense date
2009
Authors
Advisors
Tutors
Journal Title
Journal ISSN
Volume Title
Publisher
Impact
Export
Abstract
Cuando el inventor del primer teléfono móvil, Martin Cooper, realizó la primera llamada telefónica hace treinta años, no imaginó la repercusión y la evolución que su invento podría tener. Los terminales móviles actuales han evolucionado tanto respecto a sus capacidades de cómputo que nos permiten hacer actividades que hace una década realizábamos con los PCs de sobremesa corrientes: ya no sólo utilizamos los terminales móviles para llamar o mandar mensajes de texto, si no que mandamos correos electrónicos, vemos y modificamos nuestra agenda personal, e incluso, los profesores los utilizan para pasar lista en clase. El uso extendido de estos dispositivos ha hecho que los cibercriminales tengan como nuevo objetivo los terminales móviles. Por ello, es necesario establecer nuevos sistemas de seguridad orientados a estos dispositivos. Tras estudiar el comportamiento de los IDS y de los monitores de acciones, se propone un sistema híbrido que monitorice y alerte de todos los posibles ataques que lleguen al dispositivo limitado. Por ello, se diseña e implementa un monitor de acciones prototipo que sea capaz de leer todos los eventos que producen ciertas aplicaciones Java ME instaladas en el sistema y todos los eventos de red producidos y alertar, en caso de que los eventos sean considerados como ataques. El monitor de acciones se apoyará en un sistema de patrones de ataque y reglas para decidir si el evento que se ha sucedido es un ataque o no. Todas las reglas y patrones de ataques, además de los eventos que llegan, serán registrados en una base de datos en formato XML que optimizará el limitado espacio en disco del que cuentan estos dispositivos. Cuando se haya detectado un ataque, el monitor de acciones será capaz de alertar al usuario y registrar el evento en un fichero de log. Todo el sistema previamente definido se apoya en una interfaz gráfica de usuario, de tal modo que el mismo usuario pueda ver todos los ataques en tiempo real y configurar todos aquellos eventos que quiera definir como ataques. ___________________________________________________
When the inventor of the first mobile phone, Martin Cooper, calls for first time thirty years ago, he couldn’t imagine the impact and evolution that his invention was going to have. Current mobile phones have highly improve their performing operations and we can do with them some of he activities when did ten year ago with normal personal computers. That means that apart from calling or sending text messages, thanks mobile phones, we can send or read emails, read and modify our personal agenda even teachers can call the roll. As the number of mobile phone has increased, the new aim of hackers is attack mobile phones. That’s why it is necessary set up new security systems that could protect mobile phones. After studying IDS and actions monitor behaviours, we propose a hybrid system that monitors our device and warns us about attacks that happened; taking into account that a new actions monitor prototype is designed and implemented. The actions monitor should be able to detect all the events that some Java ME applications produce. It should also detect all internet events. After detecting the events, the action monitor should be able to decide if those events where attacks or not, and warn in case. Actions monitor will have an attacks pattern and a rule system that will help it to identify possible attacks among all the events that have happened. Those rules and potential attacks, as well as events, are registered in a database written in XML format in order to optimize the limited capacity of the phone hard disk. When actions monitor finds out an attack, it will warn the user and register the event in a log file. Finally, the application is presented to the user with a simple graphical user interface that will help the user to review the attacks that were found and to configure new rules and potential attacks.
When the inventor of the first mobile phone, Martin Cooper, calls for first time thirty years ago, he couldn’t imagine the impact and evolution that his invention was going to have. Current mobile phones have highly improve their performing operations and we can do with them some of he activities when did ten year ago with normal personal computers. That means that apart from calling or sending text messages, thanks mobile phones, we can send or read emails, read and modify our personal agenda even teachers can call the roll. As the number of mobile phone has increased, the new aim of hackers is attack mobile phones. That’s why it is necessary set up new security systems that could protect mobile phones. After studying IDS and actions monitor behaviours, we propose a hybrid system that monitors our device and warns us about attacks that happened; taking into account that a new actions monitor prototype is designed and implemented. The actions monitor should be able to detect all the events that some Java ME applications produce. It should also detect all internet events. After detecting the events, the action monitor should be able to decide if those events where attacks or not, and warn in case. Actions monitor will have an attacks pattern and a rule system that will help it to identify possible attacks among all the events that have happened. Those rules and potential attacks, as well as events, are registered in a database written in XML format in order to optimize the limited capacity of the phone hard disk. When actions monitor finds out an attack, it will warn the user and register the event in a log file. Finally, the application is presented to the user with a simple graphical user interface that will help the user to review the attacks that were found and to configure new rules and potential attacks.
Description
Keywords
Radiocomunicación, Dispositivos móviles, Protección de datos