A Performance Comparison of Open-Source Stream Processing Platforms
TLDR
The performance of native stream processing systems, Storm and Flink, is up to 15 times higher than the micro-batch processing system, Spark Streaming.
An elastic intrusion detection system for software networks
TLDR
We propose BroFlow, an Intrusion Detection and Prevention System based on Bro traffic analyzer and on the global network view of the software-defined networks (SDN) which is provided by OpenFlow.
MineCap: super incremental learning for detecting and blocking cryptocurrency mining on software-defined networking
TLDR
We propose MineCap, a dynamic online mechanism for detecting and blocking covert cryptocurrency mining flows, using machine learning on software-defined networking.
Experimenting Content-Centric Networks in the future internet testbed environment
TLDR
Future Internet Testbed with Security (FITS) is a testbed for experimenting with Next-Generation Internet proposals that provides two virtualization schemes based on Xen and on OpenFlow.
A fast unsupervised preprocessing method for network monitoring
TLDR
We present a fast preprocessing method for network traffic classification based on feature correlation and feature normalization.
Providing elasticity to intrusion detection systems in virtualized Software Defined Networks
TLDR
This paper presents BroFlow, an Intrusion Detection and Prevention System based on Bro traffic analyzer, and on the global network-view feature of OpenFlow Application Programming Interface.
An evaluation of a virtual network function for real-time threat detection using stream processing
TLDR
In this paper, we propose a virtualized network function in an Open Source Platform for providing a real-time threat detection service.
An Accurate Threat Detection System through Real-Time Stream Processing
The late detection of security threats causes a significant increase in the risk of irreparable damages, disabling any defense attempt. All attacks leave detectable traces, even though most of them
An Adaptive Real-Time Architecture for Zero-Day Threat Detection
TLDR
We propose an adaptive real-time threat detection architecture that uses honeypot data to learn zero-day attacks.
Collecting and characterizing a real broadband access network traffic dataset
TLDR
We analyze and profile residential users' traffic from fixed broadband Internet access networks of a large telecommunication operator for a period of one week, and we obtain the profile of security alarms generated by an intrusion detection system.