Mostrar o rexistro simple do ítem
Early Intrusion Detection for OS Scan Attacks
dc.contributor.author | López-Vizcaíno, Manuel F. | |
dc.contributor.author | Nóvoa, Francisco | |
dc.contributor.author | Fernández, Diego | |
dc.contributor.author | Carneiro, Víctor | |
dc.contributor.author | Cacheda, Fidel | |
dc.date.accessioned | 2024-06-14T09:30:53Z | |
dc.date.issued | 2019-09 | |
dc.identifier.citation | M. López-Vizcaíno, F. J. Novoa, D. Fernández, V. Carneiro and F. Cacheda, "Early Intrusion Detection for OS Scan Attacks," 2019 IEEE 18th International Symposium on Network Computing and Applications (NCA), Cambridge, MA, USA, 2019, pp. 1-5, doi: 10.1109/NCA.2019.8935067. | es_ES |
dc.identifier.uri | http://hdl.handle.net/2183/36931 | |
dc.description | 18th IEEE International Symposium on Network Computing and Applications, NCA 2019, Cambridge, 26 - 28 September 2019 | es_ES |
dc.description.abstract | [Abstract]: Network Intrusion Detection Systems (NIDS) are concerned with the discovery of unauthorized accesses to computer networks by analyzing the traffic in order to detect malicious activity. In the event of an intrusion, the time elapsed until the detection is a key factor to break the Cyber Kill Chain. State-of-the-art studies use a traditional evaluation based on standard accuracy metrics (e.g. precision or F-measure) without taking into account the time required to detect a threat. In this paper, we formally define the early intrusion detection problem. We perform a thorough evaluation adapting existing time-aware metrics to the early detection of threats on a computer network and we also propose a new metric (i.e. NormERDE). Our results show how a good performance on standard metrics may not correspond to good results on early detection metrics. For instance, a technique with a high level of precision could need too much time to detect a threat. Therefore, in this paper we propose taking into account time-aware metrics in NIDS evaluations due to the importance of this factor in a real world environment. | es_ES |
dc.description.sponsorship | This research was supported by the Ministry of Economy and Competitiveness of Spain (Project TIN2015-70648-P) by the Xunta de Galicia (Centro singular de investigación de Galicia accreditation ED431G/01 2016-2019) and the European Union (European Regional Development Fund - ERDF). | es_ES |
dc.description.sponsorship | Xunta de Galicia; ED431G/01 2016-2019 | es_ES |
dc.language.iso | eng | es_ES |
dc.publisher | Institute of Electrical and Electronics Engineers Inc. | es_ES |
dc.relation | info:eu-repo/grantAgreement/MINECO/Plan Estatal de Investigación Científica y Técnica y de Innovación 2013-2016/TIN2015-70648-P/ES/TECNICAS DE INTELIGENCIA COLECTIVA PARA LA GESTION DE AMENAZAS EN REDES Y SISTEMAS T | es_ES |
dc.relation.uri | https://doi.org/10.1109/NCA.2019.8935067 | es_ES |
dc.rights | Copyright © 2019, IEEE | es_ES |
dc.subject | Communication Networks | es_ES |
dc.subject | Early Intrusion Detection | es_ES |
dc.subject | NIDS | es_ES |
dc.title | Early Intrusion Detection for OS Scan Attacks | es_ES |
dc.type | info:eu-repo/semantics/conferenceObject | es_ES |
dc.type | info:eu-repo/semantics/conferenceObject | es_ES |
dc.rights.access | info:eu-repo/semantics/embargoedAccess | es_ES |
dc.date.embargoEndDate | 9999-99-99 | es_ES |
dc.date.embargoLift | 10007-06-07 | |
dc.identifier.doi | 10.1109/NCA.2019.8935067 | |
UDC.conferenceTitle | NCA 2019 | es_ES |