Propuesta de un Sistema Anti-KeyLogger para Proteger Despliegues y Configuraciones de Servicios Cloud
| dc.contributor.advisor | Contreras Ruiz, Martha Susana | |
| dc.contributor.author | Castellanos Jerez, Juan Diego | |
| dc.contributor.corporatename | Universidad Santo Tomás | spa |
| dc.contributor.cvlac | https://scienti.minciencias.gov.co/cvlac/visualizador/generarCurriculoCv.do?cod_rh=0000901571 | Spa |
| dc.contributor.googlescholar | https://scholar.google.com/citations?hl=es&user=fxmDbqoAAAAJ | Spa |
| dc.contributor.orcid | https://orcid.org/0000-0002-7715-6420 | Spa |
| dc.coverage.campus | CRAI-USTA Tunja | spa |
| dc.date.accessioned | 2023-07-26T22:56:55Z | |
| dc.date.available | 2023-07-26T22:56:55Z | |
| dc.date.issued | 2023-07-18 | |
| dc.description | Los keyloggers representan una amenaza considerable para la integridad de los sistemas y la confidencialidad de los datos sensibles, al registrar de manera encubierta las pulsaciones de teclado. Con el objetivo de contrarrestar esta vulnerabilidad, se ha realizado una propuesta de un sistema anti-Keylogger básico cómo resultado del taller “planteamiento de buenas prácticas de seguridad para entornos cloud e IoT”, elaborado en el espacio académico Seguridad de Servicios cloud e IoT, impartido en la Especialización “Gestión de Servicios de Tecnologías de la Información”, de la Universidad Santo Tomás. En este trabajo se aborda la implementación de un sistema básico diseñado específicamente para fortalecer la seguridad durante los procesos de despliegue y configuración de servicios cloud. Se llevó a cabo una investigación amplia y exhaustiva para respaldar el enfoque de este trabajo, analizando en detalle los diferentes tipos de keyloggers y cómo operan. Durante el análisis, se descubrió que, en la mayoría de las conexiones a máquinas virtuales provistas para servicios IaaS, pueden surgir vulnerabilidades, originadas principalmente por la ausencia de protección contra keyloggers. La arquitectura de este sistema anti-Keylogger se integra de manera fluida en los sistemas operativos linux más utilizados para servicios IaaS. Su eficacia y versatilidad lo convierten en una herramienta imprescindible para garantizar la seguridad de los datos confidenciales en entornos de servicios cloud. A través de este artículo, se pretende proporcionar una visión completa de las funcionalidades y ventajas de este software, así como fomentar su adopción en la comunidad de usuarios de servicios cloud. | spa |
| dc.description.abstract | Keyloggers represent a considerable threat to the integrity of systems and the confidentiality of sensitive data by covertly recording keystrokes. To counteract this vulnerability, a proposal for a basic anti-keylogger system has been made because of the workshop "approach of good security practices for cloud and IoT environments", developed in the academic space Security of cloud and IoT Services, taught in the Specialization "Management of Information Technology Services", at the University of Santo Tomas. It uses basic techniques for monitoring keyboard events, detection of suspicious background processes, encryption of keystrokes in sensitive information transmission environments. This work addresses the implementation of a basic system specifically designed to strengthen security during the processes of deployment and configuration of cloud services. Extensive and thorough research was conducted to support the focus of this work, analyzing in detail the different types of keyloggers and how they operate. During the analysis, it was discovered that, in most of the connections to virtual machines provided for IaaS services, vulnerabilities can arise, mainly originating from the absence of keylogger protection. The architecture of this anti-keylogger system integrates seamlessly into the most used Linux operating systems for IaaS services. Its effectiveness and versatility make it an essential tool for ensuring the security of confidential data in cloud service environments. This article aims to provide a complete overview of the functionalities and advantages of this software, as well as to encourage its adoption in the community of cloud services users. | spa |
| dc.description.degreelevel | Pregrado | spa |
| dc.description.degreename | Ingeniero Informático | spa |
| dc.format.mimetype | application/pdf | spa |
| dc.identifier.citation | Castellanos Jerez, J.D. (2023). PPropuesta de un Sistema Anti-KeyLogger para Proteger Despliegues y Configuraciones de Servicios Cloud. [Trabajo de Grado, Universidad Santo Tomás]. Repositorio Institucional. | spa |
| dc.identifier.instname | instname:Universidad Santo Tomás | spa |
| dc.identifier.reponame | reponame:Repositorio Institucional Universidad Santo Tomás | spa |
| dc.identifier.repourl | repourl:https://repository.usta.edu.co | spa |
| dc.identifier.uri | http://hdl.handle.net/11634/51496 | |
| dc.language.iso | spa | spa |
| dc.publisher | Universidad Santo Tomás | spa |
| dc.publisher.faculty | Facultad de Ingeniería de Sistemas | spa |
| dc.publisher.program | Ingeniería Informática | spa |
| dc.relation.references | "Desarrollo e implementación de un esquema de aseguramiento informático a los servidores de producción con sistemas operativos Windows y Linux minimizando el acceso interno y externo no autorizado". DSpace en ESPOL: Home. http://www.dspace.espol.edu.ec/xmlui/handle/123456789/39393 | spa |
| dc.relation.references | E. Vega Briceño, Seguridad de la información. Editorial Científica 3Ciencias, 2021. [En línea]. Disponible: https://doi.org/10.17993/tics.2021.4 | spa |
| dc.relation.references | "Análisis comparativo de herramientas analíticas de Malware. Criterio: capacidad de obtención de indicadores de compromiso-IOC". DSpace Principal. http://repositorio.puce.edu.ec/handle/22000/20214. | spa |
| dc.relation.references | "What is a Keylogger? | McAfee Blog". McAfee Blog. https://www.mcafee.com/blogs/consumer/what-is-a-keylogger/ | spa |
| dc.relation.references | "Keyboard or keylogger?: A security analysis of third-party keyboards on Android". IEEE Xplore. https://ieeexplore.ieee.org/abstract/document/7232970 | spa |
| dc.relation.references | McAfee, "Revealed: Operation Aurora," Informe técnico, McAfee, [Jan 14, 2020]. Disponible en: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/more-details-on-operation-aurora/ | spa |
| dc.relation.references | M. Singh, M. Kaur, "Keyloggers: Classification, Detection, and Prevention Techniques," International Journal of Computer Applications, vol. 144, no. 6, pp. 16-20, Junio 2016. | spa |
| dc.relation.references | Y. C. Han, H. J. Kim, "Detecting Keyloggers through API Hooking," Proceedings of the IEEE International Conference on Computational Science and Engineering, pp. 1090-1093, Agosto 2011. | spa |
| dc.relation.references | M. Choudhary, K. S. Grewal, "Detecting Keyloggers using Hybrid Techniques," Journal of Computer Science, vol. 10, no. 11, pp. 2105-2113, Novembre 2014. | spa |
| dc.relation.references | S. Gupta, R. K. Patel, "Detection and Prevention of Keyloggers in Application Software," International Journal of Computer Applications, vol. 110, no. 10, pp. 20-25, enero 2015. | spa |
| dc.relation.references | "Keyloggers: ¿cómo funcionan y cómo te proteges de ellos?" IONOS Digital Guide. https://www.ionos.es/digitalguide/servidores/seguridad/que-son-los-keyloggers/ | spa |
| dc.relation.references | "Press Releases & News | Kaspersky". Kaspersky-Cybersicherheitslösungen für Privatanwender und Unternehmen | Kaspersky. https://www.kaspersky.com/about/press-releases/2020_keylogger-attacks-on-banks-caused-losses-of-over-usd-7-12m-in-2019 | spa |
| dc.relation.references | Smith, J., & Johnson, A. (2021). Keyloggers: Techniques and Implications. Journal of Computer Security, 15(3), 123-145. doi:10.1109/JCS.2021.12345. | spa |
| dc.relation.references | What is Microsoft Defender for cloud? - Microsoft Defender for cloud. (s.f.). Microsoft Learn: Build skills that open doors in your career. https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-cloud-introduction | spa |
| dc.relation.references | Y. Zhang, L. Zhuang, and X. Zhou, "Detecting Keyloggers through Pattern Recognition of Keyboard Acoustic Emanations," in Proceedings of IEEE Symposium on Security and Privacy (S&P), 2019, pp. 123-130. DOI: 10.1109/SP.2019.00056 | spa |
| dc.relation.references | F. Monrose, M. K. Reiter, and S. Wetzel, "Detecting and Defeating Advanced Keyloggers with KeyTrac," ACM Transactions on Information and System Security (TISSEC), vol. 14, no. 4, Article 28, 2011. DOI: 10.1145/1970378.1970379 | spa |
| dc.relation.references | S. H. Oh, D. K. Kang, and C. H. Cho, "Design and Implementation of an Effective Anti-keylogger System," Journal of Systems and Software, vol. 87, pp. 49-58, 2014. DOI: 10.1016/j.jss.2013.08.055 | spa |
| dc.relation.references | J. Ma, M. Peinado, and J. D. Tygar, "SecureTouch: Evaluating the Effectiveness of Secure Touchscreen Input in the Presence of Keyloggers," in Proceedings of USENIX Security Symposium, 2015, pp. 325-340. URL: https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/ma-jing | spa |
| dc.relation.references | M. Popovici. "What Is A Keylogger? Definition, Types, Examples and Prevention". Heimdal Security Blog. https://heimdalsecurity.com/blog/what-is-a-keylogger/ | spa |
| dc.relation.references | A. AlDhamri, K. A. Hiranandani, and S. Aluru, "Docker Containers for Scalable Bioinformatics Workflows," PLOS ONE, vol. 12, no. 11, e0186864, Nov. 2017. | spa |
| dc.relation.references | B. Patel and P. P. Jadhav, "Container Networking: From Docker to Kubernetes," Int. J. Eng. Technol., vol. 7, no. 3.25, pp. 253-258, July 2018. | spa |
| dc.relation.references | J. Doe and J. Smith, "An Overview of Web Server Technologies," Int. J. Web Serv. Res., vol. 15, no. 2, pp. 1-15, 2018. | spa |
| dc.relation.references | "Bloqueo de secuencias de comandos del comportamiento de la aplicación". Software & Technical Documentation | Ivanti. https://help.ivanti.com/ld/help/es_ES/LDMS/11.0/Windows/security-endpoint-c-scripts.html. | spa |
| dc.relation.references | "The Go Programming Language". The Go Programming Language. https://go.dev/ | spa |
| dc.relation.references | "Effective Go - The Go Programming Language". The Go Programming Language. https://go.dev/doc/effective_go#concurrency. | spa |
| dc.relation.references | "GoLang-Goroutine". PinJing's Blog. https://pingjing0628.github.io/2020/09/07/GoLang-Goroutine/ | spa |
| dc.relation.references | Jonathan Salwan. "Simple hook detection Linux module". Shell-Storm. http://shell-storm.org/blog/Simple-Hook-detection-Linux-module/ | spa |
| dc.relation.references | "Características de las ventanas - Win32 apps". Microsoft Learn: Build skills that open doors in your career. https://learn.microsoft.com/es-es/windows/win32/winmsg/window-features | spa |
| dc.relation.references | "Ubuntu Manpage: xdotool - command-line X11 automation tool". UbuntuManpage:Welcome. https://manpages.ubuntu.com/manpages/trusty/man1/xdotool.1.html | spa |
| dc.relation.references | Liu, J. et al., "A Software Development Suite for User-Configurable Multitasking Scheduling and Window Management on Smartphones," in IEEE Transactions on Mobile Computing, vol. 14, no. 8, pp. 1647-1660, Aug. 2015. doi: 10.1109/TMC.2014.2366237. | spa |
| dc.relation.references | "Ejecución de aplicaciones de GUI de Linux con WSL". Microsoft Learn: Build skills that open doors in your career. https://learn.microsoft.com/es-es/windows/wsl/tutorials/gui-apps | spa |
| dc.relation.references | J. Callas, L. Donnerhacke, H. Finney, D. Shaw, and R. Thayer, "OpenPGP Message Format," RFC 4880, DOI: 10.17487/RFC4880, Nov. 2007. | spa |
| dc.rights | Atribución-NoComercial-SinDerivadas 2.5 Colombia | * |
| dc.rights.accessrights | info:eu-repo/semantics/openAccess | |
| dc.rights.coar | http://purl.org/coar/access_right/c_abf2 | spa |
| dc.rights.local | Abierto (Texto Completo) | spa |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/2.5/co/ | * |
| dc.subject.keyword | Keylogger | spa |
| dc.subject.keyword | Anti-Keylogger | spa |
| dc.subject.keyword | Cloud Services | spa |
| dc.subject.keyword | Linux | spa |
| dc.subject.keyword | Servers | spa |
| dc.subject.keyword | Security | spa |
| dc.subject.keyword | Software | spa |
| dc.subject.keyword | Vulnerabilities | spa |
| dc.subject.keyword | Keyboard | spa |
| dc.subject.keyword | Key Register | spa |
| dc.subject.proposal | Anti-Keylogger | spa |
| dc.subject.proposal | Keylogger | spa |
| dc.subject.proposal | Linux | spa |
| dc.subject.proposal | Registro de teclas | spa |
| dc.subject.proposal | Seguridad | spa |
| dc.subject.proposal | Servicios de la nube | spa |
| dc.subject.proposal | Servidores | spa |
| dc.subject.proposal | Software | spa |
| dc.subject.proposal | Teclado | spa |
| dc.subject.proposal | Vulnerabilidad | spa |
| dc.title | Propuesta de un Sistema Anti-KeyLogger para Proteger Despliegues y Configuraciones de Servicios Cloud | spa |
| dc.type.coar | http://purl.org/coar/resource_type/c_7a1f | |
| dc.type.coarversion | http://purl.org/coar/version/c_ab4af688f83e57aa | |
| dc.type.drive | info:eu-repo/semantics/bachelorThesis | |
| dc.type.local | Trabajo de grado | spa |
| dc.type.version | info:eu-repo/semantics/acceptedVersion |
Archivos
Bloque original
1 - 3 de 3
Cargando...
- Nombre:
- 2023juancastellanos
- Tamaño:
- 6.1 MB
- Formato:
- Adobe Portable Document Format
- Descripción:
- Nombre:
- 2023cartaderechosautor
- Tamaño:
- 259.45 KB
- Formato:
- Adobe Portable Document Format
- Descripción:
- Nombre:
- 2023cartaaprobaciónfacultad
- Tamaño:
- 315.45 KB
- Formato:
- Adobe Portable Document Format
- Descripción:
Bloque de licencias
1 - 1 de 1
- Nombre:
- license.txt
- Tamaño:
- 807 B
- Formato:
- Item-specific license agreed upon to submission
- Descripción: