This page has only limited features, please log in for full access.

Dr. Martin Andreoni Lopez
technology innovation institute

Basic Info


Research Keywords & Expertise

0 Wireless
0 IoT
0 network
0 machine learning
0 Mesh Networks

Fingerprints

network
machine learning
Wireless

Honors and Awards

The user has no records in this section


Career Timeline

The user has no records in this section.


Short Biography

Martin Andreoni Lopez is a researcher of the Secure Systems Research Centre (SSRC) at Technology Innovation Institute (TII), United Arab Emirates. He graduated as an Electronics Engineer from Universidad Nacional de San Juan (UNSJ), Argentina, in 2011. He got his Master's degree in Electrical Engineering from the Universidade Federal do Rio de Janeiro (COPPE/UFRJ) in 2014. He got his PhD degree both from the Universidade Federal do Rio de Janeiro (COPPE/UFRJ) in the Teleinformatics and Automation Group (GTA), and from Sorbonne Université in the Phare team of the Laboratoire d'Informatique de Paris VI (LIP6), France. He has several publications and patents in security, virtualization, traffic analysis, and Big Data analytics.

Following
Followers
Co Authors
The list of users this user is following is empty.
Following: 0 users

Feed

Research article
Published: 13 August 2021 in Concurrency and Computation: Practice and Experience
Reads 0
Downloads 0

Late detection of security breaches increases the risk of irreparable damages and limits any mitigation attempts. We propose a fast and accurate threat detection and prevention architecture that combines the advantages of real-time streaming with batch processing over a historical database. We create a dataset by capturing both legitimate and malicious traffic and propose two ways of combining packets into flows, one considering a time window and the other analyzing the first few packets of each flow per period. We also investigate the effectiveness of our proposal on real-world network traces obtained from a significant Brazilian network operator providing broadband Internet to their customers. We implement and evaluate three classification algorithms and two anomaly detection methods. The results show an accuracy higher than 95% and an excellent trade-off between attack detection and false-positive rates. We further propose an improved scheme based on software defined networks that automatically prevents threats by analyzing only the first few packets of a flow. The proposal promptly and efficiently blocks threats, is robust, and can scale up, even when the attacker employs spoofed IP.

ACS Style

Antonio G. Pastana Lobato; Martin Andreoni Lopez; Alvaro A. Cardenas; Otto Carlos M. B. Duarte; Guy Pujolle. A fast and accurate threat detection and prevention architecture using stream processing. Concurrency and Computation: Practice and Experience 2021, e6561 .

AMA Style

Antonio G. Pastana Lobato, Martin Andreoni Lopez, Alvaro A. Cardenas, Otto Carlos M. B. Duarte, Guy Pujolle. A fast and accurate threat detection and prevention architecture using stream processing. Concurrency and Computation: Practice and Experience. 2021; ():e6561.

Chicago/Turabian Style

Antonio G. Pastana Lobato; Martin Andreoni Lopez; Alvaro A. Cardenas; Otto Carlos M. B. Duarte; Guy Pujolle. 2021. "A fast and accurate threat detection and prevention architecture using stream processing." Concurrency and Computation: Practice and Experience , no. : e6561.

Review
Published: 18 January 2021 in Information
Reads 0
Downloads 0

The epidemic spread of fake news is a side effect of the expansion of social networks to circulate news, in contrast to traditional mass media such as newspapers, magazines, radio, and television. Human inefficiency to distinguish between true and false facts exposes fake news as a threat to logical truth, democracy, journalism, and credibility in government institutions. In this paper, we survey methods for preprocessing data in natural language, vectorization, dimensionality reduction, machine learning, and quality assessment of information retrieval. We also contextualize the identification of fake news, and we discuss research initiatives and opportunities.

ACS Style

Nicollas de Oliveira; Pedro Pisa; Martin Lopez; Dianne de Medeiros; Diogo Mattos. Identifying Fake News on Social Networks Based on Natural Language Processing: Trends and Challenges. Information 2021, 12, 38 .

AMA Style

Nicollas de Oliveira, Pedro Pisa, Martin Lopez, Dianne de Medeiros, Diogo Mattos. Identifying Fake News on Social Networks Based on Natural Language Processing: Trends and Challenges. Information. 2021; 12 (1):38.

Chicago/Turabian Style

Nicollas de Oliveira; Pedro Pisa; Martin Lopez; Dianne de Medeiros; Diogo Mattos. 2021. "Identifying Fake News on Social Networks Based on Natural Language Processing: Trends and Challenges." Information 12, no. 1: 38.

Journal article
Published: 19 October 2020 in Journal of Internet Services and Applications
Reads 0
Downloads 0

In this paper we focus on knowledge extraction from large-scale wireless networks through stream processing. We present the primary methods for sampling, data collection, and monitoring of wireless networks and we characterize knowledge extraction as a machine learning problem on big data stream processing. We show the main trends in big data stream processing frameworks. Additionally, we explore the data preprocessing, feature engineering, and the machine learning algorithms applied to the scenario of wireless network analytics. We address challenges and present research projects in wireless network monitoring and stream processing. Finally, future perspectives, such as deep learning and reinforcement learning in stream processing, are anticipated.

ACS Style

Dianne S. V. Medeiros; Helio N. Cunha Neto; Martin Andreoni Lopez; Luiz Claudio S. Magalhães; Natalia C. Fernandes; Alex B. Vieira; Edelberto F. Silva; Diogo M. F. Mattos. A survey on data analysis on large-Scale wireless networks: online stream processing, trends, and challenges. Journal of Internet Services and Applications 2020, 11, 1 -48.

AMA Style

Dianne S. V. Medeiros, Helio N. Cunha Neto, Martin Andreoni Lopez, Luiz Claudio S. Magalhães, Natalia C. Fernandes, Alex B. Vieira, Edelberto F. Silva, Diogo M. F. Mattos. A survey on data analysis on large-Scale wireless networks: online stream processing, trends, and challenges. Journal of Internet Services and Applications. 2020; 11 (1):1-48.

Chicago/Turabian Style

Dianne S. V. Medeiros; Helio N. Cunha Neto; Martin Andreoni Lopez; Luiz Claudio S. Magalhães; Natalia C. Fernandes; Alex B. Vieira; Edelberto F. Silva; Diogo M. F. Mattos. 2020. "A survey on data analysis on large-Scale wireless networks: online stream processing, trends, and challenges." Journal of Internet Services and Applications 11, no. 1: 1-48.

Correction
Published: 29 January 2020 in Annals of Telecommunications
Reads 0
Downloads 0

The funding information in the original manuscript is incorrect, the correct information should be the below:

ACS Style

Helio N. Cunha Neto; Martin Andreoni Lopez; Natalia C. Fernandes; Diogo M. F. Mattos. Correction to: MineCap: super incremental learning for detecting and blocking cryptocurrency mining on software-defined networking. Annals of Telecommunications 2020, 75, 487 -487.

AMA Style

Helio N. Cunha Neto, Martin Andreoni Lopez, Natalia C. Fernandes, Diogo M. F. Mattos. Correction to: MineCap: super incremental learning for detecting and blocking cryptocurrency mining on software-defined networking. Annals of Telecommunications. 2020; 75 (7-8):487-487.

Chicago/Turabian Style

Helio N. Cunha Neto; Martin Andreoni Lopez; Natalia C. Fernandes; Diogo M. F. Mattos. 2020. "Correction to: MineCap: super incremental learning for detecting and blocking cryptocurrency mining on software-defined networking." Annals of Telecommunications 75, no. 7-8: 487-487.

Article
Published: 08 January 2020 in Annals of Telecommunications
Reads 0
Downloads 0

Covert mining of cryptocurrency implies the use of valuable computing resources and high energy consumption. In this paper, we propose MineCap, a dynamic online mechanism for detecting and blocking covert cryptocurrency mining flows, using machine learning on software-defined networking. The proposed mechanism relies on Spark Streaming for online processing of network flows, and, when identifying a mining flow, it requests the flow blocking to the network controller. We also propose a learning technique called super incremental learning, a variant of the super learner applied to online learning, which takes the classification probabilities of an ensemble of classifiers as features for an incremental learning classifier. Hence, we design an accurate mechanism to classify mining flows that learn with incoming data with an average of 98% accuracy, 99% precision, 97% sensitivity, and 99.9% specificity and avoid concept drift–related issues.

ACS Style

Helio N. Cunha Neto; Martin Andreoni Lopez; Natalia C. Fernandes; Diogo Mattos. MineCap: super incremental learning for detecting and blocking cryptocurrency mining on software-defined networking. Annals of Telecommunications 2020, 75, 121 -131.

AMA Style

Helio N. Cunha Neto, Martin Andreoni Lopez, Natalia C. Fernandes, Diogo Mattos. MineCap: super incremental learning for detecting and blocking cryptocurrency mining on software-defined networking. Annals of Telecommunications. 2020; 75 (3-4):121-131.

Chicago/Turabian Style

Helio N. Cunha Neto; Martin Andreoni Lopez; Natalia C. Fernandes; Diogo Mattos. 2020. "MineCap: super incremental learning for detecting and blocking cryptocurrency mining on software-defined networking." Annals of Telecommunications 75, no. 3-4: 121-131.

Research article
Published: 21 May 2019 in Concurrency and Computation: Practice and Experience
Reads 0
Downloads 0

The late detection of security threats causes a significant increase in the risk of irreparable damages and restricts any defense attempt. In this paper, we propose a sCAlable TRAffic Classifier and Analyzer (CATRACA). CATRACA works as an efficient online Intrusion Detection and Prevention System implemented as a Virtualized Network Function. CATRACA is based on Apache Spark, a Big Data Streaming processing system, and it is deployed over the Open Platform for Network Functions Virtualization (OPNFV), providing an accurate real‐time threat‐detection service. The system presents a friendly graphical interface that provides real‐time visualization of the traffic and the attacks that occur in the network. Our prototype can differentiate normal traffic from denial of service (DoS) attacks and vulnerability probes over 95% accuracy under three different datasets. Moreover, CATRACA handles streaming data under concept drift detection with more than 85% of accuracy.

ACS Style

Martin Andreoni Lopez; Diogo Mattos; Otto Carlos M. B. Duarte; Guy Pujolle. Toward a monitoring and threat detection system based on stream processing as a virtual network function for big data. Concurrency and Computation: Practice and Experience 2019, 31, e5344 .

AMA Style

Martin Andreoni Lopez, Diogo Mattos, Otto Carlos M. B. Duarte, Guy Pujolle. Toward a monitoring and threat detection system based on stream processing as a virtual network function for big data. Concurrency and Computation: Practice and Experience. 2019; 31 (20):e5344.

Chicago/Turabian Style

Martin Andreoni Lopez; Diogo Mattos; Otto Carlos M. B. Duarte; Guy Pujolle. 2019. "Toward a monitoring and threat detection system based on stream processing as a virtual network function for big data." Concurrency and Computation: Practice and Experience 31, no. 20: e5344.

Article
Published: 31 August 2018 in Annals of Telecommunications
Reads 0
Downloads 0

Identifying a network misuse takes days or even weeks, and network administrators usually neglect zero-day threats until a large number of malicious users exploit them. Besides, security applications, such as anomaly detection and attack mitigation systems, must apply real-time monitoring to reduce the impacts of security incidents. Thus, information processing time should be as small as possible to enable an effective defense against attacks. In this paper, we present a fast preprocessing method for network traffic classification based on feature correlation and feature normalization. Our proposed method couples a normalization and feature selection algorithms. We evaluate the proposed algorithms against three different datasets for eight different machine learning classification algorithms. Our proposed normalization algorithm reduces the classification error rate when compared with traditional methods. Our feature selection algorithm chooses an optimized subset of features improving accuracy by more than 11% within a 100-fold reduction in processing time when compared to traditional feature selection and feature reduction algorithms. The preprocessing method is performed in batch and streaming data, being able to detect concept-drift.

ACS Style

Martin Andreoni Lopez; Diogo Mattos; Otto Carlos M. B. Duarte; Guy Pujolle. A fast unsupervised preprocessing method for network monitoring. Annals of Telecommunications 2018, 74, 139 -155.

AMA Style

Martin Andreoni Lopez, Diogo Mattos, Otto Carlos M. B. Duarte, Guy Pujolle. A fast unsupervised preprocessing method for network monitoring. Annals of Telecommunications. 2018; 74 (3-4):139-155.

Chicago/Turabian Style

Martin Andreoni Lopez; Diogo Mattos; Otto Carlos M. B. Duarte; Guy Pujolle. 2018. "A fast unsupervised preprocessing method for network monitoring." Annals of Telecommunications 74, no. 3-4: 139-155.

Conference paper
Published: 01 May 2018 in 2018 IEEE International Conference on Communications (ICC)
Reads 0
Downloads 0

Attackers create new threats and constantly change their behavior to mislead security systems. In this paper, we propose an adaptive threat detection architecture that trains its detection models in real time. The major contributions of the proposed architecture are: i) gather data about zero-day attacks and attacker behavior using honeypots in the network; ii) process data in real time and achieve high processing throughput through detection schemes implemented with stream processing technology; iii) use of two real datasets to evaluate our detection schemes, the first from a major network operator in Brazil and the other created in our lab; iv) design and development of adaptive detection schemes including both online trained supervised classification schemes that update their parameters in real time and learn zero-day threats from the honeypots, and online trained unsupervised anomaly detection schemes that model legitimate user behavior and adapt to changes. The performance evaluation results show that proposed architecture maintains an excellent trade-off between threat detection and false positive rates and achieves high classification accuracy of more than 90%, even with legitimate behavior changes and zero-day threats.

ACS Style

Antonio Gonzalez Pastana Lobato; Martin Andreoni Lopez; Igor Jochem Sanz; Alvaro A. Cardenas; Otto Carlos M. B. Duarte; Guy Pujolle. An Adaptive Real-Time Architecture for Zero-Day Threat Detection. 2018 IEEE International Conference on Communications (ICC) 2018, 1 -6.

AMA Style

Antonio Gonzalez Pastana Lobato, Martin Andreoni Lopez, Igor Jochem Sanz, Alvaro A. Cardenas, Otto Carlos M. B. Duarte, Guy Pujolle. An Adaptive Real-Time Architecture for Zero-Day Threat Detection. 2018 IEEE International Conference on Communications (ICC). 2018; ():1-6.

Chicago/Turabian Style

Antonio Gonzalez Pastana Lobato; Martin Andreoni Lopez; Igor Jochem Sanz; Alvaro A. Cardenas; Otto Carlos M. B. Duarte; Guy Pujolle. 2018. "An Adaptive Real-Time Architecture for Zero-Day Threat Detection." 2018 IEEE International Conference on Communications (ICC) , no. : 1-6.

Conference paper
Published: 01 February 2018 in 2018 Fourth International Conference on Mobile and Secure Services (MobiSecServ)
Reads 0
Downloads 0

Network Function Virtualization (NFV) provides new opportunities for efficient and low-cost security solutions. Real-time traffic monitoring and fast security threat detection is a challenge to reduce the risk of great damages. In this paper, we propose a virtualized network function in an Open Source Platform for providing a real-time threat detection service. Our function combines cloud computing and distributed stream processing techniques to accurately and quickly detect threats. The proposed virtualized network function shows a good elasticity shrinking and scaling accordingly to the required load. The results show that the proposed function is able to scale dynamically, analyzing more than five million messages per second. In addition, the function easily migrates sensor elements to reduce latency, allowing the sensor to be located as near as possible to the client.

ACS Style

Martin Andreoni Lopez; Antonio Gonzalez Pastana Lobato; Otto Carlos M. B. Duarte; Guy Pujolle. An evaluation of a virtual network function for real-time threat detection using stream processing. 2018 Fourth International Conference on Mobile and Secure Services (MobiSecServ) 2018, 1 -5.

AMA Style

Martin Andreoni Lopez, Antonio Gonzalez Pastana Lobato, Otto Carlos M. B. Duarte, Guy Pujolle. An evaluation of a virtual network function for real-time threat detection using stream processing. 2018 Fourth International Conference on Mobile and Secure Services (MobiSecServ). 2018; ():1-5.

Chicago/Turabian Style

Martin Andreoni Lopez; Antonio Gonzalez Pastana Lobato; Otto Carlos M. B. Duarte; Guy Pujolle. 2018. "An evaluation of a virtual network function for real-time threat detection using stream processing." 2018 Fourth International Conference on Mobile and Secure Services (MobiSecServ) , no. : 1-5.

Conference paper
Published: 01 October 2017 in 2017 1st Cyber Security in Networking Conference (CSNet)
Reads 0
Downloads 0

One of the strongest defenses from cyber-threats today is the use of intrusion detection systems. Port scanning is usually the first action that precedes an intrusion. In turn, the use of virtual network functions (VNF) for cloud computing has become a powerful tool for tenants to provide network functions in high-speed networks. In this paper, we propose a virtual network function to detect distributed port scanning based on a cooperative architecture and on the programmable open source intrusion detection system Bro. The contribution of this paper are fourfold: i) the detection of ACK and NULL scan techniques; ii) the detection of the scan techniques TCP Connect, SYN, FIN, XMAS, ACK and NULL performed in a slow and distributed manner; iii) an architecture for cooperation between VNFs that shares historical logs of scans to improve scan detection in the cloud; iv) an implementation of a prototype of the proposed VNF in the Open Platform for Network Function Virtualization (OPNFV). Our prototype uses the Network Function Virtualization architecture from ETSI and respects the Service Function Chaining standards from IETF. We evaluate our prototype and the results show that we are able to detect all port scanning techniques with a high precision rate.

ACS Style

Igor Jochem Sanz; Martin Andreoni Lopez; Diogo Mattos; Otto Carlos Muniz Bandeira Duarte. A cooperation-aware virtual network function for proactive detection of distributed port scanning. 2017 1st Cyber Security in Networking Conference (CSNet) 2017, 1 -8.

AMA Style

Igor Jochem Sanz, Martin Andreoni Lopez, Diogo Mattos, Otto Carlos Muniz Bandeira Duarte. A cooperation-aware virtual network function for proactive detection of distributed port scanning. 2017 1st Cyber Security in Networking Conference (CSNet). 2017; ():1-8.

Chicago/Turabian Style

Igor Jochem Sanz; Martin Andreoni Lopez; Diogo Mattos; Otto Carlos Muniz Bandeira Duarte. 2017. "A cooperation-aware virtual network function for proactive detection of distributed port scanning." 2017 1st Cyber Security in Networking Conference (CSNet) , no. : 1-8.

Conference paper
Published: 01 October 2017 in 2017 1st Cyber Security in Networking Conference (CSNet)
Reads 0
Downloads 0

Broadband Internet access security relies in the implementation of perimeter policies and in the adoption of access control lists. These measures are precarious because they are based on common and not frequently updated profiles that lack residential users threat information. In this paper, we analyze and profile residential users traffic from fixed broadband Internet access networks of a large telecommunication operator for a period of one week, and we obtain the profile of security alarms generated by an intrusion detection system. The results show that the proposed characterization allows the classification of alerts with a sensitivity of 93% in the differentiation of legitimate and anomalous flows and allows a 73% reduction of the traffic directed to the traffic analyzer, thus validating the collected dataset and enabling more dynamic and efficient access network security.

ACS Style

Martin Andreoni Lopez; Renato Silva; Igor D. Alvarenga; Gabriel A. F. Rebello; Igor J. Sanz; Antonio G. P. Lobato; Diogo Mattos; Otto C. M. B. Duarte; Guy Pujolle. Collecting and characterizing a real broadband access network traffic dataset. 2017 1st Cyber Security in Networking Conference (CSNet) 2017, 1 -8.

AMA Style

Martin Andreoni Lopez, Renato Silva, Igor D. Alvarenga, Gabriel A. F. Rebello, Igor J. Sanz, Antonio G. P. Lobato, Diogo Mattos, Otto C. M. B. Duarte, Guy Pujolle. Collecting and characterizing a real broadband access network traffic dataset. 2017 1st Cyber Security in Networking Conference (CSNet). 2017; ():1-8.

Chicago/Turabian Style

Martin Andreoni Lopez; Renato Silva; Igor D. Alvarenga; Gabriel A. F. Rebello; Igor J. Sanz; Antonio G. P. Lobato; Diogo Mattos; Otto C. M. B. Duarte; Guy Pujolle. 2017. "Collecting and characterizing a real broadband access network traffic dataset." 2017 1st Cyber Security in Networking Conference (CSNet) , no. : 1-8.

Conference paper
Published: 01 December 2016 in 2016 IEEE Global Communications Conference (GLOBECOM)
Reads 0
Downloads 0

Distributed stream processing platforms is a new class of real-time monitoring systems that analyze and extracts knowledge from large continuous streams of data. This type of systems is crucial for providing high throughput and low latency required by Big Data or Internet of Things monitoring applications. This paper describes and analyzes three main open-source distributed stream- processing platforms: Storm Flink, and Spark Streaming. We analyze the system architectures and we compare their main features. We carry out two experiments concerning anomaly detection on network traffic to evaluate the throughput efficiency and the resilience to node failures. Results show that the performance of native stream processing systems, Storm and Flink, is up to 15 times higher than the micro-batch processing system, Spark Streaming. On the other hand, Spark Streaming is more robust to node failures and provides recovery without losses.

ACS Style

Martin Andreoni Lopez; Antonio Gonzalez Pastana Lobato; Otto Carlos M. B. Duarte. A Performance Comparison of Open-Source Stream Processing Platforms. 2016 IEEE Global Communications Conference (GLOBECOM) 2016, 1 -6.

AMA Style

Martin Andreoni Lopez, Antonio Gonzalez Pastana Lobato, Otto Carlos M. B. Duarte. A Performance Comparison of Open-Source Stream Processing Platforms. 2016 IEEE Global Communications Conference (GLOBECOM). 2016; ():1-6.

Chicago/Turabian Style

Martin Andreoni Lopez; Antonio Gonzalez Pastana Lobato; Otto Carlos M. B. Duarte. 2016. "A Performance Comparison of Open-Source Stream Processing Platforms." 2016 IEEE Global Communications Conference (GLOBECOM) , no. : 1-6.

Conference paper
Published: 01 November 2016 in 2016 7th International Conference on the Network of the Future (NOF)
Reads 0
Downloads 0

Enterprise networks widely deploy middleboxes to apply load-balancing techniques, to enforce policy compliance, and to improve security. Middlebox platforms, however, are closed systems and expensive. In turn, Network Function Virtualization (NFV) allows to deploy packet-processing middleboxes as virtual network functions, and to decouple the function from the physical realization. In this paper, we address the challenge of efficiently chaining virtual network functions. We propose and compare four heuristics for allocating virtual network functions over a network topology. Our proposal focuses on a greedy algorithm that allocates on demand a sequence of virtual network functions. We compare our four heuristics: (i) minimum introduced latency between source and destination nodes; (ii) minimum resource usage on the network nodes; (iii) the most central nodes first; and (iv) weighted decision between minimum latency and resource usage. We simulate our proposal over a real network topology, and the results show that we allocate 53% more requests when using the resource usage heuristic, and we reduce into 52% the average delay when using the latency heuristic.

ACS Style

Martin Andreoni Lopez; Diogo M. F. Mattos; Otto Carlos M. B. Duarte. Evaluating allocation heuristics for an efficient virtual Network Function chaining. 2016 7th International Conference on the Network of the Future (NOF) 2016, 1 -5.

AMA Style

Martin Andreoni Lopez, Diogo M. F. Mattos, Otto Carlos M. B. Duarte. Evaluating allocation heuristics for an efficient virtual Network Function chaining. 2016 7th International Conference on the Network of the Future (NOF). 2016; ():1-5.

Chicago/Turabian Style

Martin Andreoni Lopez; Diogo M. F. Mattos; Otto Carlos M. B. Duarte. 2016. "Evaluating allocation heuristics for an efficient virtual Network Function chaining." 2016 7th International Conference on the Network of the Future (NOF) , no. : 1-5.

Journal article
Published: 05 March 2016 in Annals of Telecommunications
Reads 0
Downloads 0

Internal users are the main causes of anomalous and suspicious behaviors in a communication network. Even when traditional security middleboxes are present, internal attacks may lead the network to outages or to leakage of sensitive information. In this article, we propose BroFlow, an Intrusion Detection and Prevention System based on Bro traffic analyzer and on the global network view of the software-defined networks (SDN) which is provided by the OpenFlow. BroFlow main contributions are (i) dynamic and elastic resource provision of traffic-analyzing machines under demand; (ii) real-time detection of DoS attacks through simple algorithms implemented in a policy language for network events; (iii) immediate reaction to DoS attacks, dropping malicious flows close of their sources, and (iv) near-optimal placement of sensors through a proposed heuristic for strategically positioning sensors in the network infrastructure, which is shared by multi-tenants, with a minimum number of sensors. We developed a prototype of the proposed system, and we evaluated it in a virtual environment of the Future Internet Testbed with Security (FITS). An evaluation of the system under attack shows that BroFlow guarantees the forwarding of legitimate packets at the maximal link rate, reducing up to 90 % of the maximal network delay caused by the attack. BroFlow reaches 50 % of bandwidth gain when compared with conventional firewalls approaches, even when the attackers are legitimate tenants acting in collusion. In addition, the system reduces the sensors number, while keeping full coverage of network flows.

ACS Style

Martin Andreoni Lopez; Diogo Menezes Ferrazani Mattos; Otto Carlos M. B. Duarte. An elastic intrusion detection system for software networks. Annals of Telecommunications 2016, 71, 595 -605.

AMA Style

Martin Andreoni Lopez, Diogo Menezes Ferrazani Mattos, Otto Carlos M. B. Duarte. An elastic intrusion detection system for software networks. Annals of Telecommunications. 2016; 71 (11-12):595-605.

Chicago/Turabian Style

Martin Andreoni Lopez; Diogo Menezes Ferrazani Mattos; Otto Carlos M. B. Duarte. 2016. "An elastic intrusion detection system for software networks." Annals of Telecommunications 71, no. 11-12: 595-605.

Conference paper
Published: 01 June 2015 in 2015 IEEE International Conference on Communications (ICC)
Reads 0
Downloads 0

This paper presents BroFlow, an Intrusion Detection and Prevention System based on Bro traffic analyzer, and on the global network-view feature of OpenFlow Application Programming Interface. BroFlow main contributions are: i) dynamic and elastic resource provision of machines under demand; ii) real-time detection of DoS attacks through simple algorithms implemented in a policy language for network events; iii) immediate reaction to DoS attacks and malicious packets, dropping flows close from their source; iv) strategic sensor positioning for attack detection in the network infrastructure shared by multi-tenants. A system prototype was developed and evaluated in the virtual environment Future Testbed Internet with Security (FITS). An evaluation of the system under attack shows that BroFlow guarantees the forwarding of legitimate packets at the maximal link rate, up to 90% reduction of the maximal network delay caused by the attack, and 50% of bandwidth gain compared with conventional firewalls approaches, even when the attackers are legitimate tenants acting in collusion.

ACS Style

Martin Andreoni Lopez; Otto Carlos M. B. Duarte; Andreoni Lopez M.; Duarte O.C.M.B.. Providing elasticity to intrusion detection systems in virtualized Software Defined Networks. 2015 IEEE International Conference on Communications (ICC) 2015, 7120 -7125.

AMA Style

Martin Andreoni Lopez, Otto Carlos M. B. Duarte, Andreoni Lopez M., Duarte O.C.M.B.. Providing elasticity to intrusion detection systems in virtualized Software Defined Networks. 2015 IEEE International Conference on Communications (ICC). 2015; ():7120-7125.

Chicago/Turabian Style

Martin Andreoni Lopez; Otto Carlos M. B. Duarte; Andreoni Lopez M.; Duarte O.C.M.B.. 2015. "Providing elasticity to intrusion detection systems in virtualized Software Defined Networks." 2015 IEEE International Conference on Communications (ICC) , no. : 7120-7125.

Conference paper
Published: 01 September 2012 in 2012 Sixth IEEE/PES Transmission and Distribution: Latin America Conference and Exposition (T&D-LA)
Reads 0
Downloads 0

This paper describes the implementation of a wireless remote monitoring and control system of a solar photovoltaic distributed generator (PV-DG) for microgrids applications. To this aim, a small-scale PV-DG system is implemented using a 1.28 kWp assembly of PV polycrystalline modules connected to a single-phase utility grid through a commercial inverter. Then, a flexible, robust and reliable measurement and control system based on wireless sensor network (WSN) architecture is deployed. The wireless communication technology utilizes a full duplex digital system using the ZigBee protocol, based on the IEEE 802.15.4 standard for Wireless Personal Area Network (WPAN). The supervisory control system is implemented on a digital signal processor (DSP) and a human-machine interface (HMI) software is developed for interacting with and managing remote sensor systems (RSSs).

ACS Style

Martin E. Andreoni Lopez; Francisco J. Galdeano Mantinan; Marcelo G. Molina. Implementation of wireless remote monitoring and control of solar photovoltaic (PV) system. 2012 Sixth IEEE/PES Transmission and Distribution: Latin America Conference and Exposition (T&D-LA) 2012, 1 -6.

AMA Style

Martin E. Andreoni Lopez, Francisco J. Galdeano Mantinan, Marcelo G. Molina. Implementation of wireless remote monitoring and control of solar photovoltaic (PV) system. 2012 Sixth IEEE/PES Transmission and Distribution: Latin America Conference and Exposition (T&D-LA). 2012; ():1-6.

Chicago/Turabian Style

Martin E. Andreoni Lopez; Francisco J. Galdeano Mantinan; Marcelo G. Molina. 2012. "Implementation of wireless remote monitoring and control of solar photovoltaic (PV) system." 2012 Sixth IEEE/PES Transmission and Distribution: Latin America Conference and Exposition (T&D-LA) , no. : 1-6.