Coleta e Caracterização de um Conjunto de Dados de ∗ Tráfego Real de Redes de Acesso em Banda Larga

  • Martin Andreoni Lopez
  • Renato Souza Silva
  • Igor Drummond Alvarenga
  • Diogo Menezes Ferrazani Mattos
  • Otto Carlos Muniz Bandeira Duarte

Resumo


Broadband Internet access security lies in the implementation of perimeter policies and in the adoption of access control lists. These measures are precarious because they are based on common and poorly updated profiles, lacking residential users threat information. This article analyzes and characterizes residential user traffic from fixed broadband Internet access networks of a large communications operator, for a period of one week, and obtains the profile of the security alarms generated by an intrusion detection system on this traffic. The results show that the proposed characterization allows classification of the flows, with an alert sensitivity of 93% in the differentiation of the legitimate flows and the alarm generating flows, thus, validating the collected dataset, and allows a 73% reduction for the traffic directed to the traffic analyzer, enabling more dynamic and efficient access network security.
Publicado
19/05/2017
LOPEZ, Martin Andreoni; SILVA, Renato Souza; ALVARENGA, Igor Drummond; MATTOS, Diogo Menezes Ferrazani; DUARTE, Otto Carlos Muniz Bandeira. Coleta e Caracterização de um Conjunto de Dados de ∗ Tráfego Real de Redes de Acesso em Banda Larga. In: WORKSHOP DE GERÊNCIA E OPERAÇÃO DE REDES E SERVIÇOS (WGRS), 22. , 2017, Belém. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2017 . ISSN 2595-2722.