Contact Details

name Carlos Garcia Cordero
position Researcher at GRK: Privacy and Trust for mobile Users

garcia (AT) tk(DOT)tu-darmstadt(DOT)de

phone +49 (6151) 16 - 23205
fax +49 (6151) 16 - 23202
office S2|02 A 316
postal address TU Darmstadt - FB 20
FG Telekooperation
Hochschulstraße 10
D-64289 Darmstadt

Research Interests

  • Machine learning

    • Anomaly Detection
    • Bayesian Networks
    • Deep Learning

  • Network Intrusion Detection

    • Collaborative Intrusion Detection
    • Distributed Intrusion Detection

  • Human Computer Interaction

    • 3D printing, computer graphics and 3D modeling tools

Short Biography

Carlos García Cordero is a scientist, systems engineer, mathematician, musician and thinker.

Carlos' research experience and interests are wide and cover diverse topics such as cyber-security, artificial intelligence, programming languages, compilers, machine learning and computer graphics, among others. 

Carlos is currently pursuing a PhD in Cyber Security and Distributed Machine Learning at TU Darmstadt. He has an MSc in Artificial Intelligence from The University of Edinburgh and a BSc in Computer Systems Engineering from the ITESM CSF in Mexico, both achieved with the highest honors.


ID2T - The Intrusion Detection Dataset Generation Toolkit

Author Carlos Garcia Cordero, Emmanouil Vasilomanolakis, Max Mühlhäuser
Date December 2017
Kind Misc
How published Blackhat Europe 2017
Note Blackhat Europe 2017 Arsenal
Location London, UK
Research Areas CRISP, CYSEC, Telecooperation, SPIN: Smart Protection in Infrastructures and Networks, CROSSING, S1
Abstract There is a never-ending arms race between attackers and defenders in the cyber-security world. Our tool, ID2T, tries to leverage the balance of power towards the defenders' side. ID2T enables security researchers and practitioners to test their defensive tools against synthetic attacks without risks. By injecting synthetic, yet realistic, attacks into network traces, detection mechanisms can be audited, tested and evaluated.

ID2T emerges from the gaps that exist between the arsenals of attackers and defenders. Attackers have the upper hand with 0-day exploits and the malware that utilizes them. Ransomware, for example, makes the headlines more often than ever. The development of modern security mechanisms, on the contrary, is moving slowly. One of the reasons for the slow pace is that there are no clear strategies to evaluate novel defensive proposals. Researchers and security practitioners are forced to use archaic and unrealistic network traces to evaluate their proposals. The DARPA 1999 intrusion detection dataset is such an example. It contains 18-year-old network traces (with no resemblance to modern networks) and old attacks.

ID2T stands for "Intrusion Detection Dataset Toolkit". It is an open source toolkit designed to inject synthetic, yet highly realistic attacks, into network traces with the PCAP format. ID2T provides a wide range of modern cyber-attacks for injection; from malware and web application attacks (e.g., against Joomla) to SQL injection and DDoS attacks. Injected attacks are made as realistic as possible by replicating the network conditions and characteristics of any inputted network trace. In this demo session we present the first public release of ID2T, which builds on top of our theoretical work [1].

[1]: Vasilomanolakis et al., 2016, April. Towards the creation of synthetic, yet realistic, intrusion detection datasets. In NOMS, 2016 IEEE/IFIP (pp. 1209-1214).

Important Copyright Notice:

The documents contained in these directories are included by the contributing authors as a means to ensure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.


2 Entries found


Optimizing holon-based energy networks using Particle Swarm Optimization

Bachelor Thesis

in progress


Predicting vulnerabilities in software

Master Thesis

in progress
