RT info:eu-repo/semantics/article
T1 Flow-Data Gathering Using NetFlow Sensors for Fitting Malicious-Traffic Detection Models
A1 Campazas Vega, Adrián
A1 Crespo Martínez, Ignacio Samuel
A1 Guerrero Higueras, Ángel Manuel
A1 Fernández Llamas, Camino
A2 Arquitectura y Tecnologia de Computadores
K1 Cibernética
K1 Informática
K1 NetFlow
K1 Packet Flow
K1 Advanced Persistent Threat
K1 Malicious traffic
K1 Dataset
K1 1207.03 Cibernética
K1 1203.17 Informática
AB [EN] Advanced persistent threats (APTs) are a growing concern in cybersecurity. Many companies and governments have reported incidents related to these threats. Throughout the life cycle of an APT, one of the most commonly used techniques for gaining access is network attacks. Tools based on machine learning are effective in detecting these attacks. However, researchers usually have problems with finding suitable datasets for fitting their models. The problem is even harder when flow data are required. In this paper, we describe a framework to gather flow datasets using a NetFlow sensor. We also present the Docker-based framework for gathering netflow data (DOROTHEA), a Docker-based solution implementing the above framework. This tool aims to easily generate taggable network traffic to build suitable datasets for fitting classification models. In order to demonstrate that datasets gathered with DOROTHEA can be used for fitting classification models for malicious-traffic detection, several models were built using the model evaluator (MoEv), a general-purpose tool for training machine-learning algorithms. After carrying out the experiments, four models obtained detection rates higher than 93%, thus demonstrating the validity of the datasets gathered with the tool.
PB MDPI
LK https://hdl.handle.net/10612/19087
UL https://hdl.handle.net/10612/19087
NO Campazas-Vega, A., Crespo-Martínez, I. S., Guerrero-Higueras, Á. M., and Fernández-Llamas, C. (2020). Flow-data gathering using netflow sensors for fitting malicious-traffic detection models. Sensors (Switzerland), 20(24), 1-13. https://doi.org/10.3390/S20247294
DS BULERIA. Repositorio Institucional de la Universidad de León
RD 18-may-2024