Aplicativo WEB de experiencias pedagógicas relacionadas con aplicaciones de redes de computadores

El artículo muestra los resultados relacionados con uno de los procesos de investigación que se han venido gestando desde el programa de Tecnología en Informática y Telecomunicaciones de la Corporación Universitaria de la Costa–CUC, en lo que tiene que ver con el fortalecimiento del proceso académico en el área de redes de computadores

Linux ubuntu server

Existen en la actualidad gran variedad de distribuciones libres del Sistema Operativo Linux, el cual ha ganado un espacio preponderante por sus características de multiusuario, multitarea, estabilidad, seguridad, conectividad, escalabilidad y compatibilidad con gran variedad de aplicaciones. Una de las distribuciones más usadas en diferentes ámbitos, entre ellos el científico, académico, industrial y comercial, es la distribución UBUNTU, ésta ha sido patrocinada por la empresa Canonical Ltda, organización británica propiedad del sudafricano Mark Shuttleworth. UBUNTU posee múltiples herramientas de configuración de servicios tales como DHCP (Dynamic Host Configuration Protocol), DNS (Domain Name System), LDAP y SAMBA, PROXY y el servidor WEB APACHE, entre otros. Por ello su funcionalidad es bastante amplia en lo referente a procesos de configuración de servicios para estaciones de trabajo y servidores. Organización británica propiedad del sudafricano Mark Shuttleworth. UBUNTU posee múltiples herramientas de configuración de servicios tales como DHCP (Dynamic Host Configuration Protocol), DNS (Domain Name System), LDAP y SAMBA, PROXY y el servidor WEB APACHE, entre otros. Por ello su funcionalidad es bastante amplia en lo referente a procesos de configuración de servicios para estaciones de trabajo y servidores

PCA filtering and probabilistic SOM for network intrusion detection

The growth of the Internet and, consequently, the number of interconnected computers, has exposed significant amounts of information to intruders and attackers. Firewalls aim to detect violations according to a predefined rule-set and usually block potentially dangerous incoming traffic. However, with the evolution of attack techniques, it is more difficult to distinguish anomalies from normal traffic. Different detection approaches have been proposed, including the use of machine learning techniques based on neural models such as Self-Organizing Maps (SOMs). In this paper, we present a classification approach that hybridizes statistical techniques and SOM for network anomaly detection. Thus, while Principal Component Analysis (PCA) and Fisher Discriminant Ratio (FDR) have been considered for feature selection and noise removal, Probabilistic Self-Organizing Maps (PSOM) aim to model the feature space and enable distinguishing between normal and anomalous connections

Association rules implementation for affinity analysis between elements composing multimedia objects

The multimedia objects are a constantly growing resource in the world wide web, consequently it has generated as a necessity the design of methods and tools that allow to obtain new knowledge from the information analyzed. Association rules are a technique of Data Mining, whose purpose is to search for correlations between elements of a collection of data (data) as support for decision making from the identification and analysis of these correlations. Using algorithms such as: A priori, Frequent Parent Growth, QFP Algorithm, CBA, CMAR, CPAR, among others. On the other hand, multimedia applications today require the processing of unstructured data provided by multimedia objects, which are made up of text, images, audio and videos. For the storage, processing and management of multimedia objects, solutions have been generated that allow efficient search of data of interest to the end user, considering that the semantics of a multimedia object must be expressed by all the elements that composed of. In this article an analysis of the state of the art in relation to the implementation of the Association Rules in the processing of Multimedia objects is made, in addition the analysis of the consulted literature allows to generate questions about the possibility of generating a method of association rules for the analysis of these objects.Universidad de la Costa, Universidad Pontificia Bolivariana

Feature selection, learning metrics and dimension reduction in training and classification processes in intrusion detection systems

This research presents an IDS prototype in Matlab that assess network traffic connections contained in the NSL-KDD dataset, comparing feature selection techniques available in FEAST toolbox, refining prior results applying dimension reduction technique ISOMAP. The classification process used a supervised learning technique called Support Vector Machines (SVM). The comparative analysis related to detection rates by attack category are conclusive that MRMR+PCA+SVM (selection, reduction and classification techniques) combined obtained more promising results, just using 5 of 41 available features in the dataset. The results obtained were: 85.42% normal traffic, 80.77% DoS, 90.41% Probe, 91.78% U2R and 83.25% R2L

Feature selection by multi-objective optimization: application to network anomaly detection by hierarchical self-organizing maps.

Feature selection is an important and active issue in clustering and classification problems. By choosing an adequate feature subset, a dataset dimensionality reduction is allowed, thus contributing to decreasing the classification computational complexity, and to improving the classifier performance by avoiding redundant or irrelevant features. Although feature selection can be formally defined as an optimisation problem with only one objective, that is, the classification accuracy obtained by using the selected feature subset, in recent years, some multi-objective approaches to this problem have been proposed. These either select features that not only improve the classification accuracy, but also the generalisation capability in case of supervised classifiers, or counterbalance the bias toward lower or higher numbers of features that present some methods used to validate the clustering/classification in case of unsupervised classifiers. The main contribution of this paper is a multi-objective approach for feature selection and its application to an unsupervised clustering procedure based on Growing Hierarchical Self-Organizing Maps (GHSOM) that includes a new method for unit labelling and efficient determination of the winning unit. In the network anomaly detection problem here considered, this multi-objective approach makes it possible not only to differentiate between normal and anomalous traffic but also among different anomalies. The efficiency of our proposals has been evaluated by using the well-known DARPA/NSL-KDD datasets that contain extracted features and labeled attacks from around 2 million connections. The selected feature sets computed in our experiments provide detection rates up to 99.8% with normal traffic and up to 99.6% with anomalous traffic, as well as accuracy values up to 99.12%.This work has been funded by FEDER funds and the Ministerio de Ciencia e Innovación of the Spanish Government under Project No. TIN2012-32039

Navegador ontológico matemático-NOMAT

The query algorithms in search engines use indexing, contextual analysis and ontologies, among other techniques, for text search. However, they do not use equations due to their writing complexity. NOMAT is a prototype of mathematical expression search engine that seeks information both in thesaurus and internet, using ontological tool for filtering and contextualizing information and LaTeX editor for the symbols in these expressions. This search engine was created to support mathematical research. Compared to other Internet search engines, NOMAT does not require prior knowledge of LaTeX, because has an editing tool which enables writing directly the symbols that make up the mathematical expression of interest. The results obtained were accurate and contextualized, compared to other commercial and no-commercial search engines.Los algoritmos de consulta de los motores de búsqueda utilizan indexación, análisis contextual y ontologías, entre otras técnicas, para la búsqueda de texto. Sin embargo, no utilizan ecuaciones debido a su complejidad de escritura. Nomat es un prototipo de motor de búsqueda de expresión matemática que busca información tanto en tesauro como en Internet, utilizando la Herramienta ontológica para filtrar y contextualizar información y editor de látex para los símbolos de estas expresiones. Este buscador fue creado para apoyar la investigación matemática. En comparación con otros motores de búsqueda de Internet, Nomat no requiere conocimientos previos de látex, ya que cuenta con una herramienta de edición que permite escribir directamente los símbolos que componen la expresión matemática de interés. Los resultados obtenidos fueron precisos y contextualizados, en comparación con otros motores de búsqueda comerciales y no comerciales

Voltage sensitivity analysis to determine the optimal integration of distributed generation in distribution systems

This paper presents a voltage sensitivity analysis with respect to the real power injected with renewable energies to determine the optimal integration of distributed generation (DG) in distribution systems (DS). The best nodes where the power injections improve voltages magnitudes complying with the constraints are determined. As it is a combinatorial problem, particle swarm optimization (PSO) and simulated annealing (SA) were used to change injections from 10% to 60% of the total power load using solar and wind generators and find the candidate nodes for installing power sources. The method was tested using the 33-node, 69-node and 118-node radial distribution networks. The results showed that the best nodes for injecting real power with renewable energies were selected for the distribution network by using the voltage sensitivity analysis. Algorithms found the best nodes for the three radial distribution networks with similar values in the maximum injection of real power, suggesting that this value maintains for all the power system cases. The injections applied to the different nodes showed that voltage magnitudes increase significantly, especially when exceeding the maximum penetration of DG. The test showed that some nodes support injections up to the limits, but the voltages increase considerably on all nodes

Intrusion detection model in network systems, making feature selection with fdr and classification-training stages with s

Los Sistemas de Detección de Intrusos (IDS, por sus siglas en inglés) comerciales actuales clasifican el tráfico de red, detectando conexiones normales e intrusiones, mediante la aplicación de métodos basados en firmas; ello conlleva problemas pues solo se detectan intrusiones previamente conocidas y existe desactualización periódica de la base de datos de firmas. En este artículo se evalúa la eficiencia de un modelo de detección de intrusiones de red propuesto, utilizando métricas de sensibilidad y especificidad, mediante un proceso de simulación que emplea el dataset NSL-KDD DARPA, seleccionando de éste las características más relevantes con FDR y entrenando una red neuronal que haga uso de un algoritmo de aprendizaje no supervisado basado en mapas auto-organizativos, con el propósito de clasificar el tráfico de la red en conexiones normales y ataques, de forma automática. La simulación generó métricas de sensibilidad del 99,69% y de especificidad del 56,15% utilizando 20 y 15 características, respectivamenteCurrent commercial IDSs classify network traffic, detecting both intrusions and normal con-nections by applying signature-based methods. This leads to problems since only intrusion detection previously known is detected and signature database is periodically outdated. This paper evaluates the efficiency of a proposed network intrusion detection model, using sen-sitivity and specificity metrics through a simulation process that uses the dataset NSL-KDD DARPA, selecting from this, the most relevant features with FDR and training a neural net-work that makes use of an unsupervised learning algorithm based on SOMs, in order to au-tomatically classify network’s traffic into normal and attack connections. Metrics generated by simulation were: sensitivity 99.69% and specificity 56.15%, using 20 and 15 features respectivel

Network Anomaly Detection with Bayesian Self-Organizing Maps

The growth of the Internet and consequently, the number of interconnected computers through a shared medium, has exposed a lot of relevant information to intruders and attackers. Firewalls aim to detect violations to a predefined rule set and usually block potentially dangerous incoming traffic. However, with the evolution of the attack techniques, it is more difficult to distinguish anomalies from the normal traffic. Different intrusion detection approaches have been proposed, including the use of artificial intelligence techniques such as neural networks. In this paper, we present a network anomaly detection technique based on Probabilistic Self-Organizing Maps (PSOM) to differentiate between normal and anomalous traffic. The detection capabilities of the proposed system can be modified without retraining the map, but only modifying the activation probabilities of the units. This deals with fast implementations of Intrusion Detection Systems (IDS) necessary to cope with current link bandwidths