Visible to the public Biblio

Filters: Author is Vasilomanolakis, E.  [Clear All Filters]
2021-04-29
Fejrskov, M., Pedersen, J. M., Vasilomanolakis, E..  2020.  Cyber-security research by ISPs: A NetFlow and DNS Anonymization Policy. :1—8.

Internet Service Providers (ISPs) have an economic and operational interest in detecting malicious network activity relating to their subscribers. However, it is unclear what kind of traffic data an ISP has available for cyber-security research, and under which legal conditions it can be used. This paper gives an overview of the challenges posed by legislation and of the data sources available to a European ISP. DNS and NetFlow logs are identified as relevant data sources and the state of the art in anonymization and fingerprinting techniques is discussed. Based on legislation, data availability and privacy considerations, a practically applicable anonymization policy is presented.

2017-03-07
Cordero, C. G., Vasilomanolakis, E., Milanov, N., Koch, C., Hausheer, D., Mühlhäuser, M..  2015.  ID2T: A DIY dataset creation toolkit for Intrusion Detection Systems. 2015 IEEE Conference on Communications and Network Security (CNS). :739–740.

Intrusion Detection Systems (IDSs) are an important defense tool against the sophisticated and ever-growing network attacks. These systems need to be evaluated against high quality datasets for correctly assessing their usefulness and comparing their performance. We present an Intrusion Detection Dataset Toolkit (ID2T) for the creation of labeled datasets containing user defined synthetic attacks. The architecture of the toolkit is provided for examination and the example of an injected attack, in real network traffic, is visualized and analyzed. We further discuss the ability of the toolkit of creating realistic synthetic attacks of high quality and low bias.