Contact Details

name: Carlos Garcia Cordero
position: PhD at GRK Privacy and Trust for mobile Users
email: garcia (AT) tk(DOT)tu-darmstadt(DOT)de
phone: +49 (6151) 16 - 23205
fax: +49 (6151) 16 - 23202
office: S2|02 A 316
postal address: TU Darmstadt - FB 20
FG Telekooperation
Hochschulstraße 10
D-64289 Darmstadt
Germany

Research Interests

  • Machine learning

    • Anomaly Detection
    • Bayesian Networks
    • Deep Learning

  • Network Intrusion Detection

    • Collaborative Intrusion Detection
    • Distributed Intrusion Detection

Short Biography

Carlos García Cordero is a scientist, systems engineer, mathematician, musician and thinker.

Carlos' research experience and interests are wide and cover diverse topics such as cybersecurity, artificial intelligence, programming languages, compilers, machine learning and computer graphics, among others. 

Carlos is currently pursuing a PhD in Cyber Security and Distributed Machine Learning at TU Darmstadt. He has an MSc in Artificial Intelligence from The University of Edinburgh and a BSc in Computer Systems Engineering from the ITESM CSF in Mexico, both achieved with the highest honours.

Publications

Analyzing Flow-based Anomaly Intrusion Detection using Replicator Neural Networks

Author: Carlos Garcia Cordero, Sascha Hauke, Max Mühlhäuser, Mathias Fischer
Date: December 2016
Kind: Inproceedings
Publisher: IEEE
Book title: 14th Annual Conference on Privacy, Security and Trust (PST)
Journal: Privacy, Security and Trust Conference
Pages: 317 - 324
ISBN: 978-1-5090-4379-8
DOI: 10.1109/PST.2016.7906980
Key: TUD-CS-2016-14643
Research Areas: CASED, CRISP, Telecooperation, CYSEC, - SSI - Area Secure Smart Infrastructures, Fachbereich Informatik
Abstract: Defending key network infrastructure, such as Internet backbone links or the communication channels of critical infrastructure, is paramount, yet challenging. The inherently complex nature and quantity of network data impedes detecting attacks in real world settings. In this paper, we utilize features of network flows, characterized by their entropy, together with an extended version of the original Replicator Neural Network (RNN) and deep learning techniques to learn models of normality. This combination allows us to apply anomaly-based intrusion detection on arbitrarily large amounts of data and, consequently, large networks. Our approach is unsupervised and requires no labeled data. It also accurately detects network-wide anomalies without presuming that the training data is completely free of attacks. The evaluation of our intrusion detection method, on top of real network data, indicates that it can accurately detect resource exhaustion attacks and network profiling techniques of varying intensities. The developed method is efficient because a normality model can be learned by training an RNN within a few seconds only.

Important Copyright Notice:

The documents contained in these directories are included by the contributing authors as a means to ensure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.

Theses


On the Analysis & Generation of Synthetic Attacks for Intrusion Detection Systems

Master Thesis

finished


Intrusion Detection Systems (IDS) have established themselves as a mandatory line of defense for critical infrastructure. One main aspect of developing an IDS is the evaluation and optimization of its detection algorithms. Currently there is no standardized model for evaluating detection efficiency. A common approach has been the use of static datasets, but the publicly available datasets are flawed in many regards, such as their timeliness and the absence of up-to-date attacks. This creates challenges in terms of the reproducibility and the comparison of results.

