Doctorate in Computer Science
Level: Doctorate
Browsing Doctorate in Computer Science by Subject "machine learning"
- Native functionalities and resources of cloud computing in the detection, identification and mitigation of attacks on services and clients: a contribution through the use of machine learning (Universidade Federal do Espírito Santo, 2021-10-29) Corrêa, João Henrique Gonçalves Medeiros; Villaca, Rodolfo da Silva; https://orcid.org/0000000280513978; http://lattes.cnpq.br/3755692723547807; https://orcid.org/0000-0002-8124-8985; http://lattes.cnpq.br/6143528226807891; Montalvão Filho, Jugurta Rosa; https://orcid.org/0000-0002-6659-6439; http://lattes.cnpq.br/4582408199121884; Martinello, Magnos; https://orcid.org/0000-0002-8111-1719; http://lattes.cnpq.br/7471111924336519; Garcia, Anilton Salles; https://orcid.org/0000-0002-2869-1734; http://lattes.cnpq.br/1029501009628001; Guimarães, Rafael Silva; https://orcid.org/0000-0001-6856-9576; http://lattes.cnpq.br/4909197952264922

Attacks, whether denial-of-service or intrusion, are a permanent challenge in computer networks, with a further escalation due to migration of services to cloud computing environments. This new computing paradigm, in which services share the same infrastructure, potentializes the problems generated by these attacks, leading to disastrous consequences for users, enterprises, and corporations. In the literature, network middleboxes such as Deep Packet Inspectors are usually required to perform the task of detecting these attacks. These systems end up being dependent on attack signatures and specific protocols. Moreover, there is a great difficulty in locating the collection of traffic within the data center. Also, the insertion of these systems leads to an increase in service time, affecting metrics related to Quality-of-Service (QoS) and Experience (QoE). If traffic is being used in conjunction with encryption algorithms, the operation of these systems is impaired. Several cloud infrastructures have powerful native telemetry systems, commonly used for resource monitoring and billing.
Our thesis here is that machine learning algorithms help deepen the analysis of the massive volumes of data extracted from the native data collection service of the cloud infrastructure, which provides monitoring of a multitude of metrics from both physical and virtual hosts. Thus, we use machine learning algorithms to process datasets collected from the service of native telemetry of the cloud infrastructure to perform the detection and identification. These datasets contain information from the victim virtual machine hosted in the cloud environment. After performing the detection and identification, mechanisms of the cloud environment itself are used to mitigate attacks, as exemplified by autoscaling. To perform a proof-of-concept, we used an experimental environment, with the OpenStack cloud platform, with both DDoS and intrusion attacks. Telemetry data was used as input to machine learning algorithms to classify the presence of an attack. Results showed good accuracy and a good relationship between false positives and true positives to detect and identify attacks. Finally, the mitigation mechanism offered greater availability for clients during denial-of-service attacks.