Use this link to cite:
https://hdl.handle.net/2183/48604 Desarrollo de una herramienta de captura de tráfico de red orientada a la protección de datos
Loading...
Identifiers
Publication date
Authors
Pérez Mosquera, Daniel
Advisors
Other responsabilities
Journal Title
Bibliographic citation
Type of academic work
Academic degree
Abstract
[Resumen]: Actualmente, los capturadores de tráfico son herramientas clave en la monitorización de redes, ya que permiten detectar fallos, analizar el comportamiento del tráfico y prevenir incidentes de seguridad. No obstante, su uso plantea importantes desafíos relacionados con la privacidad, ya que pueden capturar datos sensibles como direcciones IP, direcciones MAC o información contenida en paquetes no cifrados. Estos datos están protegidos por la normativa vigente, que exige medidas específicas para su tratamiento y almacenamiento seguro. Otro problema significativo es el elevado coste de muchas herramientas comerciales de captura de tráfico, así como la complejidad de su integración en infraestructuras existentes. En muchos casos, su implementación requiere modificaciones en la configuración de la red o el uso de técnicas intrusivas, lo que limita su adopción en determinados entornos. En este contexto, este Trabajo de Fin de Grado presenta el diseño e implementación de un sniffer que aborda estos retos mediante la integración de mecanismos de anonimización y protección de datos. La herramienta está diseñada para ejecutarse en hardware de bajo coste, como una Raspberry Pi, y operar de forma transparente, sin requerir modificaciones en la infraestructura de red. Además, se configura como una solución plug-and-play, lo que facilita su despliegue. Además de los objetivos establecidos, se diseñó y desarrolló una aplicación de control que permite gestionar y monitorizar de forma remota la ejecución de la herramienta. Esta funcionalidad añade flexibilidad al sistema, ya que permite operar en dos modos distintos. Por un lado, el modo single, enfocado en la portabilidad y en la captura autónoma del tráfico. Por otro, el modo distributed, que permite controlar varios nodos capturadores desde la aplicación centralizada. Finalmente, tanto la herramienta de captura como la aplicación de control han sido publicadas como proyectos open source en los siguientes repositorios de Github: https://github.com/danipemos/sniffer y https://github.com/danipemos/sniffer-WEB.
[Abstract]: Currently, traffic capture tools are key components in network monitoring, as they allow the detection of failures, analysis of traffic behavior, and prevention of security incidents. However, their use poses significant challenges related to privacy, as they may capture sensitive data such as IP addresses, MAC addresses, or information contained in unencrypted packets. This data is protected by current regulations, which require specific measures for its secure processing and storage. Another significant issue is the high cost of many commercial traffic capture tools, as well as the complexity of integrating them into existing infrastructures. In many cases, their implementation requires modifications to the network configuration or the use of intrusive techniques, which limits their adoption in certain environments. In this context, this degree thesis presents the design and implementation of a sniffer that addresses these challenges by integrating anonymization mechanisms and data protection measures. The tool is designed to run on low-cost hardware, such as a Raspberry Pi, and to operate transparently, without requiring modifications to the existing network infrastructure. In addition, it is configured as a plug-and-play solution, which facilitates its deployment. In addition to the initial objectives, a control application was designed and developed to remotely manage and monitor the execution of the tool. This functionality adds flexibility to the system, as it supports two distinct modes of operation. On the one hand, the single mode is focused on portability and autonomous traffic capture. On the other hand, the distributed mode enables control of multiple capture nodes from a centralized application. Finally, both the capture tool and the control application have been published as open source projects in the following GitHub repositories: https://github.com/danipemos/sniffer and https://github.com/danipemos/sniffer-WEB.
[Abstract]: Currently, traffic capture tools are key components in network monitoring, as they allow the detection of failures, analysis of traffic behavior, and prevention of security incidents. However, their use poses significant challenges related to privacy, as they may capture sensitive data such as IP addresses, MAC addresses, or information contained in unencrypted packets. This data is protected by current regulations, which require specific measures for its secure processing and storage. Another significant issue is the high cost of many commercial traffic capture tools, as well as the complexity of integrating them into existing infrastructures. In many cases, their implementation requires modifications to the network configuration or the use of intrusive techniques, which limits their adoption in certain environments. In this context, this degree thesis presents the design and implementation of a sniffer that addresses these challenges by integrating anonymization mechanisms and data protection measures. The tool is designed to run on low-cost hardware, such as a Raspberry Pi, and to operate transparently, without requiring modifications to the existing network infrastructure. In addition, it is configured as a plug-and-play solution, which facilitates its deployment. In addition to the initial objectives, a control application was designed and developed to remotely manage and monitor the execution of the tool. This functionality adds flexibility to the system, as it supports two distinct modes of operation. On the one hand, the single mode is focused on portability and autonomous traffic capture. On the other hand, the distributed mode enables control of multiple capture nodes from a centralized application. Finally, both the capture tool and the control application have been published as open source projects in the following GitHub repositories: https://github.com/danipemos/sniffer and https://github.com/danipemos/sniffer-WEB.
Description
Editor version
Rights
Attribution 4.0 International







