cambiar a curso:   2018-19   2020-21


Grado en Ingeniería Informática


TRABAJOS FIN DE GRADO
curso: 2019-20

Análisis Forense a la memoria no volátil del sistema operativo Ubuntu Core


Tecnologías Específicas

Tecnologías de la Información
 


Descripcion y Objetivos

The broad definition given to the Internet of Things has made it very difficult to establish boundaries on what is considered the IoT, and the growth that this environment has experienced over recent years has not facilitated the task. The concept was introduced by Kevin Ashton in 1999. More than 20 years later, it is still used for that purpose, but its range has expanded so immensely that we can no longer consider that IoT exists only in an industrial context. On the contrary, it is almost impossible to imagine a scenario in which an IoT device cannot be present.

It is evidenced by the number of malware samples detected in the first half of 2018, which surpassed 120,000, three times higher than the previous year. On scrutinizing the data, it can be seen that 82% of the attacks targeted the Telnet service, which is well known to be deprecated due to its security flaws. As a consequence, the number of incidents in which IoT devices are involved has increased significantly, since cybercriminals can compromise them quite easily, and, in contexts such as eHealth or critical environments, the damage that they can cause is considerable.

Under these circumstances, techniques are needed to guarantee that when an incident arises, information can be properly recovered and analyzed to determine how it happened and adopt corrective measures, especially if the investigation requires the initiation of a legal process. But the same problem described for IoT security applies in forensics; this vast increase in cyberincidents calls for an improvement in this field, as there are no specific tools or methodologies for investigators to use in their analysis. This is due to the fact that the characteristics of the environment are too dissimilar from those in conventional forensics, so the current state of digital forensics cannot satisfy the requirements of IoT and provide techniques to perform complete and efficient investigations.

At this point this TFG proposes:

* Read the documentation about IoT tecnology

* Find out the state of the art related to this research topic

* Select the tecnology to investigate and deploy the infraestrucutre proposed

* Extract and investigate about the evidences

* Write the TFG document

 

 


Metodología y Competencias

This TFG will folow this methodology:

-  Study and learn about forensics and IoT

- Learn about different tools and distributions to perform forensics in systems, network, and devices

- Deploy and IoT infrastructure by using real devices. 

- Make a forensic study from proposed infrastructure

- Evaluate and analyze the obtained results

- Write the document

 


Medios a utilizar

Software requirements and documentation are available to the student. Also, tools are, most of them, based on license free (GPL). And, about hardware material (such Raspberry) are available in the i3a. 

 


Bibliografía

[1] Symantec Enterprise Security. Symantec internet security threat report. Technical report, Symantec Enterprise Security, 2008.

[2] Virus Total: https://www.virustotal.com/es/

[3] http://openaccess.uoc.edu/webapps/o2/bitstream/10609/82136/6/parriagaTFM0618memoria.pdf

 


Tutores


MARTINEZ MARTINEZ, JOSE LUIS
CASTELO GÓMEZ, JUAN MANUEL
 

Alumno


AMO MÍNGUEZ, ÁLVARO DEL