Thesis Plataforma de Gestión de Superficies de Ataque Cibernético para Operadores de Telecomunicaciones
Loading...
Date
2025-03
Authors
Journal Title
Journal ISSN
Volume Title
Program
Ingeniería Civil Telemática
Campus
Campus Santiago San Joaquín
Abstract
Las organizaciones enfrentan el reto de proteger sus activos ante amenazas cibernéticas en constante evolución. Este proyecto desarrolla una aplicación web escalable para gestionar y analizar la superficie de ataque de un operador de telecomunicaciones, centralizando información obtenida mediante una herramienta de reconocimiento personalizada. A través de modelos de aprendizaje de máquinas (machine learning), como Isolation Forest, se identifican patrones, anomalías y vulnerabilidades críticas para priorizar la respuesta ante riesgos.
El sistema evalúa el nivel de riesgo de cada activo en función de la presencia de 8 vectores de ataque específicos. Si se detecta al menos uno, se calcula un nivel de riesgo, permitiendo priorizar la mitigación de amenazas. La solución integra tecnologías como Flask, SQLite y Docker, garantizando un manejo eficiente de grandes volúmenes de datos con tiempos de respuesta óptimos. Además, la interfaz ha sido optimizada para mejorar la experiencia del usuario mediante una visualización clara de los riesgos, facilitando la interpretación de datos. Pruebas con usuarios revelaron mejoras en la interacción con etiquetas (tags), reducción en la complejidad de carga de datos y una navegación más intuitiva, favoreciendo la toma de decisiones y priorización de activos.
Organizations face the challenge of protecting their assets from constantly evolving cyber threats. This project develops a scalable web application to manage and analyze the attack surface of a telecommunications operator, centralizing information obtained through a customized reconnaissance tool. Through machine learning models, such as Isolation Forest, patterns, anomalies and critical vulnerabilities are identified to prioritize risk response. The system evaluates the risk level of each asset based on the presence of 8 specific attack vectors. If at least one is detected, a risk level is calculated, allowing prioritization of threat mitigation. The solution integrates technologies such as Flask, SQLite and Docker, ensuring efficient handling of large volumes of data with optimal response times. In addition, the interface has been optimized to improve the user experience through a clear visualization of risks, facilitating data interpretation. User testing revealed improved interaction with tags, reduced data loading complexity, and more intuitive navigation, facilitating decision making and asset prioritization.
Organizations face the challenge of protecting their assets from constantly evolving cyber threats. This project develops a scalable web application to manage and analyze the attack surface of a telecommunications operator, centralizing information obtained through a customized reconnaissance tool. Through machine learning models, such as Isolation Forest, patterns, anomalies and critical vulnerabilities are identified to prioritize risk response. The system evaluates the risk level of each asset based on the presence of 8 specific attack vectors. If at least one is detected, a risk level is calculated, allowing prioritization of threat mitigation. The solution integrates technologies such as Flask, SQLite and Docker, ensuring efficient handling of large volumes of data with optimal response times. In addition, the interface has been optimized to improve the user experience through a clear visualization of risks, facilitating data interpretation. User testing revealed improved interaction with tags, reduced data loading complexity, and more intuitive navigation, facilitating decision making and asset prioritization.
Description
Keywords
Ciberseguridad, Aprendizaje automático, Visualización de datos, Seguridad informática
