Mostrar el registro sencillo del ítem
dc.contributor | Escuela de Ingenierias Industrial, Informática y Aeroespacial | es_ES |
dc.contributor.author | Campazas Vega, Adrián | |
dc.contributor.author | Crespo Martínez, Ignacio Samuel | |
dc.contributor.author | Guerrero Higueras, Ángel Manuel | |
dc.contributor.author | Fernández Llamas, Camino | |
dc.contributor.other | Arquitectura y Tecnologia de Computadores | es_ES |
dc.date | 2020-12-18 | |
dc.date.accessioned | 2024-03-19T13:08:23Z | |
dc.date.available | 2024-03-19T13:08:23Z | |
dc.identifier.citation | Campazas-Vega, A., Crespo-Martínez, I. S., Guerrero-Higueras, Á. M., and Fernández-Llamas, C. (2020). Flow-data gathering using netflow sensors for fitting malicious-traffic detection models. Sensors (Switzerland), 20(24), 1-13. https://doi.org/10.3390/S20247294 | es_ES |
dc.identifier.uri | https://hdl.handle.net/10612/19087 | |
dc.description.abstract | [EN] Advanced persistent threats (APTs) are a growing concern in cybersecurity. Many companies and governments have reported incidents related to these threats. Throughout the life cycle of an APT, one of the most commonly used techniques for gaining access is network attacks. Tools based on machine learning are effective in detecting these attacks. However, researchers usually have problems with finding suitable datasets for fitting their models. The problem is even harder when flow data are required. In this paper, we describe a framework to gather flow datasets using a NetFlow sensor. We also present the Docker-based framework for gathering netflow data (DOROTHEA), a Docker-based solution implementing the above framework. This tool aims to easily generate taggable network traffic to build suitable datasets for fitting classification models. In order to demonstrate that datasets gathered with DOROTHEA can be used for fitting classification models for malicious-traffic detection, several models were built using the model evaluator (MoEv), a general-purpose tool for training machine-learning algorithms. After carrying out the experiments, four models obtained detection rates higher than 93%, thus demonstrating the validity of the datasets gathered with the tool. | es_ES |
dc.language | eng | es_ES |
dc.publisher | MDPI | es_ES |
dc.rights | Atribución 4.0 Internacional | * |
dc.rights.uri | http://creativecommons.org/licenses/by/4.0/ | * |
dc.subject | Cibernética | es_ES |
dc.subject | Informática | es_ES |
dc.subject.other | NetFlow | es_ES |
dc.subject.other | Packet Flow | es_ES |
dc.subject.other | Advanced Persistent Threat | es_ES |
dc.subject.other | Malicious traffic | es_ES |
dc.subject.other | Dataset | es_ES |
dc.title | Flow-Data Gathering Using NetFlow Sensors for Fitting Malicious-Traffic Detection Models | es_ES |
dc.type | info:eu-repo/semantics/article | es_ES |
dc.identifier.doi | 10.3390/s20247294 | |
dc.description.peerreviewed | SI | es_ES |
dc.relation.projectID | info:eu-repo/grantAgreement/AEI/Programa Programa Estatal de I+D+i Orientada a los Retos de la Sociedad/RTI2018-100683-B-100/ES/DETECCION Y CARACTERIZACION AUTOMATICA DE PROBLEMAS DE CIBERSEGURIDAD EN PLATAFORMAS ROBOTICAS | es_ES |
dc.relation.projectID | Instituto Nacional de Ciberseguridad de España (ADENDA 4: Detección de nuevas amenazas y patrones desconocidos (Red Regional de Ciencia y Tecnología) | es_ES |
dc.rights.accessRights | info:eu-repo/semantics/openAccess | es_ES |
dc.identifier.essn | 1424-8220 | |
dc.journal.title | Sensors | es_ES |
dc.volume.number | 20 | es_ES |
dc.issue.number | 24 | es_ES |
dc.page.initial | 7294 | es_ES |
dc.type.hasVersion | info:eu-repo/semantics/publishedVersion | es_ES |
dc.subject.unesco | 1207.03 Cibernética | es_ES |
dc.subject.unesco | 1203.17 Informática | es_ES |
dc.description.project | Instituto Nacional de Ciberseguridad | es_ES |
dc.description.project | Ministerio de Ciencia, Innovación y Universidades | es_ES |
Ficheros en el ítem
Este ítem aparece en la(s) siguiente(s) colección(ones)
-
Artículos [5086]