Early Intrusion Detection for OS Scan Attacks
| UDC.coleccion | Investigación | es_ES |
| UDC.conferenceTitle | NCA 2019 | es_ES |
| UDC.departamento | Ciencias da Computación e Tecnoloxías da Información | es_ES |
| UDC.grupoInv | Telemática | es_ES |
| dc.contributor.author | López-Vizcaíno, Manuel F. | |
| dc.contributor.author | Nóvoa, Francisco | |
| dc.contributor.author | Fernández, Diego | |
| dc.contributor.author | Carneiro, Víctor | |
| dc.contributor.author | Cacheda, Fidel | |
| dc.date.accessioned | 2024-06-14T09:30:53Z | |
| dc.date.issued | 2019-09 | |
| dc.description | 18th IEEE International Symposium on Network Computing and Applications, NCA 2019, Cambridge, 26 - 28 September 2019 | es_ES |
| dc.description | This version of the article has been accepted for publication, after peer review. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. The Version of Record is available online at: https://doi.org/10.1109/NCA.2019.8935067 | |
| dc.description.abstract | [Abstract]: Network Intrusion Detection Systems (NIDS) are concerned with the discovery of unauthorized accesses to computer networks by analyzing the traffic in order to detect malicious activity. In the event of an intrusion, the time elapsed until the detection is a key factor to break the Cyber Kill Chain. State-of-the-art studies use a traditional evaluation based on standard accuracy metrics (e.g. precision or F-measure) without taking into account the time required to detect a threat. In this paper, we formally define the early intrusion detection problem. We perform a thorough evaluation adapting existing time-aware metrics to the early detection of threats on a computer network and we also propose a new metric (i.e. NormERDE). Our results show how a good performance on standard metrics may not correspond to good results on early detection metrics. For instance, a technique with a high level of precision could need too much time to detect a threat. Therefore, in this paper we propose taking into account time-aware metrics in NIDS evaluations due to the importance of this factor in a real world environment. | es_ES |
| dc.description.sponsorship | This research was supported by the Ministry of Economy and Competitiveness of Spain (Project TIN2015-70648-P) by the Xunta de Galicia (Centro singular de investigación de Galicia accreditation ED431G/01 2016-2019) and the European Union (European Regional Development Fund - ERDF). | es_ES |
| dc.description.sponsorship | Xunta de Galicia; ED431G/01 2016-2019 | es_ES |
| dc.identifier.citation | M. López-Vizcaíno, F. J. Novoa, D. Fernández, V. Carneiro and F. Cacheda, "Early Intrusion Detection for OS Scan Attacks," 2019 IEEE 18th International Symposium on Network Computing and Applications (NCA), Cambridge, MA, USA, 2019, pp. 1-5, doi: 10.1109/NCA.2019.8935067. | es_ES |
| dc.identifier.doi | 10.1109/NCA.2019.8935067 | |
| dc.identifier.uri | http://hdl.handle.net/2183/36931 | |
| dc.language.iso | eng | es_ES |
| dc.publisher | Institute of Electrical and Electronics Engineers Inc. | es_ES |
| dc.relation.projectID | info:eu-repo/grantAgreement/MINECO/Plan Estatal de Investigación Científica y Técnica y de Innovación 2013-2016/TIN2015-70648-P/ES/TECNICAS DE INTELIGENCIA COLECTIVA PARA LA GESTION DE AMENAZAS EN REDES Y SISTEMAS T | es_ES |
| dc.relation.uri | https://doi.org/10.1109/NCA.2019.8935067 | es_ES |
| dc.rights | Copyright © 2019, IEEE | es_ES |
| dc.rights.accessRights | open access | es_ES |
| dc.subject | Communication networks | es_ES |
| dc.subject | Early intrusion detection | es_ES |
| dc.subject | NIDS | es_ES |
| dc.title | Early Intrusion Detection for OS Scan Attacks | es_ES |
| dc.type | conference output | es_ES |
| dspace.entity.type | Publication | |
| relation.isAuthorOfPublication | 19a4de48-17de-4a09-ae12-7fa2a0f98b03 | |
| relation.isAuthorOfPublication | 6f38fb90-68db-4d7c-89e0-8cff7f9d673c | |
| relation.isAuthorOfPublication | 9b9fbda3-512a-4143-986b-c7b60305e041 | |
| relation.isAuthorOfPublication | 652c136c-eea5-4a78-947c-538b1c99f81b | |
| relation.isAuthorOfPublication | 63253cd0-b4ea-402a-b158-84417c75846a | |
| relation.isAuthorOfPublication.latestForDiscovery | 19a4de48-17de-4a09-ae12-7fa2a0f98b03 |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- LopezVizcaino_Manuel_2019_Early_Intrusion_Detection_for_OS_Scan_Attacks.pdf
- Size:
- 214.43 KB
- Format:
- Adobe Portable Document Format
- Description: