Clasificador de logs de acceso para detección de incidentes de ciberseguridad

The number of attacks on government websites has escalated in the last years. In order to assist in the detection process conducted by cybersecurity analysts, this document suggests implementing machine learning techniques over web server access logs. The overall objective is to optimize the detection time using a customized classifier which selects traces corresponding to anomalous activity. Specifically, web server combined log format (CLF) access logs coded as real vectors are an input to a weighted K-NN nearest neighbors’ model. The methodology was tested on datasets and premises provided by the CERTuy (National Cybersecurity Event Response Team) and the SOC (Security Operations Center). According to evaluations 82% of cybersecurity offenses have been detected, 80% of normal behavior has been filtered and the reduction time has been reduced from 13 hours to 15 minutes.Recientemente los sitios web de los gobiernos en el mundo han sido objeto de ataques informáticos. Por ello urge una solución que asista a los analistas de ciberseguridad a detectar los incidentes con rapidez. Para optimizar el tiempo de detección en el proyecto se desarrolló un clasificador que filtre líneas de logs de servidores web en formato CLF (Combined Log Format) que indican comportamiento anómalo. Para ello, se codifican los logs de acceso en representación vectorial y luego se usa el algoritmo de aprendizaje automático K-NN ponderado (K vecinos más próximos) para filtrar los logs. Los datos de entrada fueron provistos por el CERTuy (Equipo de Respuesta ante Emergencias Informáticas) y el SOC (Centro de Operaciones de Seguridad). De las pruebas realizadas sobre el servicio de clasificación, se detectó el 82% de ofensas de ciberseguridad de un conjunto de datos asociado, se logró filtrar el 80% de logs que indican comportamiento normal y se disminuyó el tiempo de detección de logs que indican comportamiento anómalo de 13 horas a 15 minutos

Smile, photo! alcohol consumption and technology use by young people in a Spanish rural area

This work has been supported by the Ministry of Science and Innovation. "R&D&I Projects of the State Programs for the Creation of Knowledge and the Enhancement of Science and Technology of the R&D&I System and R&D&I Oriented toward the Challenges of Society", 2019 (PID2019-105122RB-I00/ AEI / 10.13039/501100011033).Also, we would like to thank James Hayes (JDH Translations) for the English translation of this article, as well as the anonymous reviewers and the journal editor whose comments helped to improve this article.The lifestyles and consumption of today are marked by increasingly global cultural patterns, and rural young people share the aspirations and needs of the postmodern western world. Rural spaces are not oblivious to the neoliberal leisure model of alcohol consumption that is the trend in cities, nor to the massive, connective use of modern networks. The principal objective of the present study is to find out how rural young men and women construct their social identity through their use and abuse of alcohol, as well as though their portrayal online in social networking sites. To this end, a qualitative methodology is used, by means of in-depth interviews (N=40) of young people (22 women and 18 men) between the ages of 18 and 24 who live in rural areas in the north of Extremadura (Spain). The results show how these practices become important identitarian elements for the young men and women, which contribute to their social inclusion in rural life, characterized by a blend of signs of today’s markedly global society mixed with the weight of traditional gender roles and strong social control.Spanish GovernmentR&D&I System and R&D&I Oriented toward the Challenges of Society PID2019-105122RB-I00/ AEI / 10.13039/50110001103