Portal de Programas de Pós-Graduação (UFRN)

SIGAA - Sistema Integrado de Gestão de Atividades Acadêmicas

PPGTI/UFRN PROGRAMA DE PÓS-GRADUAÇÃO EM TECNOLOGIA DA INFORMAÇÃO DIRETORIA DE ENSINO - IMD Phone: Not available E-mail: ppgti@imd.ufrn.br https://posgraduacao.ufrn.br/ppgti

Banca de QUALIFICAÇÃO: MARCELO LUIZ DE FRANÇA

Uma banca de QUALIFICAÇÃO de MESTRADO foi cadastrada pelo programa.
STUDENT : MARCELO LUIZ DE FRANÇA
DATE: 30/01/2020
TIME: 09:00
LOCAL: IMD-CIVT B206
TITLE:

Using the TEDA algorithm for anomaly detection in ISP networks with emphasis on DoS / DDoS attacks

KEY WORDS:

DDoS, TEDA, Network Security

PAGES: 35
BIG AREA: Ciências Exatas e da Terra
AREA: Ciência da Computação
SUBÁREA: Sistemas de Computação
SPECIALTY: Teleinformática
SUMMARY:

A Distributed Denial of Service (DDoS) attack is an organized distributed packet sending technique designed to overload network devices and communication channels between them. In general, its primary purpose is to prevent legitimate users from accessing networks, servers, services, or other networking features. Although the importance of mechanisms to protect or mitigate the effects of this type of attack is clear, their correct detection is still a challenge due to the dynamics and volume of current communications and network connections. Although the specific literature is full of solutions to the problem, most of them rely on Artificial Intelligence algorithms that involve learning based on training or reinforcement, and it is necessary to extract characteristics from previously collected traffic. Thus, these techniques need to “look back” to understand network traffic. Because of this, many of these solutions are not applicable to more dynamic and high-traffic environments such as internet providers. In this dissertation, we propose an approach for detecting DDoS attacks using the Typicality and Eccentricity Data Analytics (TEDA) algorithm. TEDA is a recursive and non-parametric method, firstly proposed to the general problem of anomaly detection on data streams. By using TEDA we expect that it will be possible to analyze the current traffic on the network, reducing the detection delay, since it is based on the concept of data eccentricity, without any prior knowledge of the network traffic pattern. Thus, TEDA allows you to “look into the present”, ie the data currently being trafficked, thus ensuring a more timely detection. This approach should be evaluated and tested against other related approaches in terms of sensitivity, specificity, false positive rate (PRF) and detection accuracy.

BANKING MEMBERS:
Presidente - 2266415 - SILVIO COSTA SAMPAIO
Externo ao Programa - 1525670 - MARCOS CESAR MADRUGA ALVES PINHEIRO
Externo ao Programa - 3139050 - ROGER KREUTZ IMMICH

Notícia cadastrada em: 10/01/2020 15:24