Adrian Lara Petitdemange

Adrian Lara Petitdemange

Es estudiante: 
No
Programa en que estudia: 

Proyectos

Publicaciones

Classifying and Understanding Tor Traffic Using Tree-Based Models

Descripción:

Over the past years the use of anonymization services has gained significant relevance as more users are interested in protecting their data and privacy on the internet. One of the most popular ways to achieve this result is Tor. The anonymity and untraceability that Tor provides, however, can also be used by ill-intentioned users who try to take advantage of bypassing security control and policies. The Cybersecurity and Infrastructure Security Agency (CISA) mentions two methods of recognizing Tor traffic in the enterprise: indicator- or behavior-based analysis. The first one uses log analysis and lists of Tor exit nodes to identify the suspicious activity while the latter inspects patterns in TCP and UDP ports, DNS queries and inspecting the payload of the packets. In this paper, we propose a different approach using white-box machine learning models such as decision trees and Random Forest. On the one hand, our classifier achieves accuracy levels above 95%. On the other hand, our approach is the first one to allow understanding the importance of each traffic feature in the classification. Our results demonstrate that the TCP window size, the frame size and time related traffic features can be used to identify Tor traffic. In this paper we will describe a Machine Learning methodology used to identify Tor network traffic utilizing decision trees C5.0 and Random Forest. We followed a white-box approach and accomplished accuracy of over 95% in the prediction in both models. We also present an analysis of the importance of the top predictor variables.

Tipo de publicación: Conference Paper

Publicado en: 2020 IEEE Latin-American Conference on Communications (LATINCOM)

Emotions Classifier based on Facial Expressions

Descripción:

Emotion recognition is important in the context of smart buildings and IoT, because it allows the environment to have a better notion of the mood of the humans who are present. With a view to developing such projects, in this article we analyze the performance of an emotion classifier that uses a convolutional neural network. Specifically, we focus on analyzing the impact of the epochs and batch size hyperparameters. To do this, we propose an experimental design with the following hypothesis: "The number of epochs that the model trains and the size of the batch given by iteration in each epoch influence the accuracy of an emotion classifier built from networks. convolutional neurons using the VGG16 architecture".

Tipo de publicación: Conference Paper

Publicado en: 2021 IEEE V Jornadas Costarricenses de Investigación en Computación e Informática (JoCICI)

Asynchronous Detection of Slowloris Attacks Via Random Forests

Descripción:

An asynchronous classifier of network flows was developed to detect Slowloris attacks. This classifier was implemented using random forests and its effectiveness was measured by the area under the ROC curve. These random forests were trained from a public dataset. We sought to minimize the number of necessary features that are required to analyze the flows satisfactorily. Finally, it was shown that the chosen features can be used individually to obtain reliable detections in the classifier, with two of the three individual features having an area under the curve greater than 0.95.

Tipo de publicación: Conference Paper

Publicado en: 2021 IEEE V Jornadas Costarricenses de Investigación en Computación e Informática (JoCICI)

Recognizing daily-life activities using sensor-collected data in a kitchen

Descripción:

This paper focuses on the recognition and classification of Activities of Daily Living (ADLs) that are carried out in a kitchen. To do this, a Recurrent Neural Network architecture of the Long-Short Term Memory (LSTM) type is implemented as a classifier. The ARAS dataset is used for training and evaluation. A classifier is obtained with an average value in the F1 metric of 95.33% for the chosen data set.

Tipo de publicación: Conference Paper

Publicado en: 2021 IEEE V Jornadas Costarricenses de Investigación en Computación e Informática (JoCICI)

Detecting Malicious Domains using the Splunk Machine Learning Toolkit

Descripción:

Malicious domains are often hidden amongst benign DNS requests. Given that DNS traffic is generally permitted, blocking malicious requests is a challenge for most network defenses. Using machine learning to classify DNS requests enables a scalable alternative to programmable blocklists. Studies in this field often reduce their dataset scope to a a single attack behavior. However, organizations are being hit by a myriad of attack patterns across multiple objectives, reducing the scope means closing the door to classifier operationalization in a real-world environment. In this paper, we propose a broader and more challenging scenario for our dataset by combining the four DNS malicious behaviors: malware, phishing, spam and botnet with legitimate domains samples. We use Splunk and its Machine Learning Toolkit to create, test and validate our classifier. We extract 12 static features from the domain name and analyze their weight on the prediction. We compared two supervised learning algorithms and measure their accuracy for such challenging environment. We obtained an 88% of accuracy by using Random Forest algorithm against Decision Tree 87%.

Tipo de publicación: Conference Paper

Publicado en: NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium

Desarrollo y evaluación de un prototipo de aplicación móvil para la administración de traslados de pacientes COVID-19

Descripción:

En este artículo presentamos un prototipo de una aplicación móvil para la administración de los traslados de pacientes COVID-19 realizados por el equipo PRIME del centro médico CEACO en Costa Rica. Describimos el diseño de la aplicación, los aspectos técnicos relacionados con su implementación, y los resultados de la evaluación de la experiencia de usuario realizada por los miembros del equipo PRIME. La evaluación del prototipo muestra la utilidad de la aplicación móvil para apoyar los procesos del equipo PRIME y los resultados del estudio de experiencia de usuario indican una percepción muy positiva para las categorías de atracción, trasparencia, eficiencia, controlabilidad y estimulación.

Tipo de publicación: Journal Article

Publicado en: Revista Ibérica de Sistemas e Tecnologias de Informação