Gerenciamento Adaptativo de Conexões e Classificação de Endereços IP na Borda da Rede usando Proxies Preditivos AIOps
Resumo
A crescente dinamicidade das ameaças cibernéticas evidencia as limitações de abordagens estáticas baseadas em listas de bloqueio. Além disso, a consulta em tempo real a múltiplas fontes de Cyber Threat Intelligence (CTI) introduz latências incompatíveis com a borda da rede. Diante desse cenário, este trabalho propõe uma arquitetura baseada em Artificial Intelligence for IT Operations (AIOps) que utiliza modelos de aprendizado de máquina como proxies de baixa latência para a classificação multiclasse de risco de endereços IP. Um mecanismo de consenso multicritério é executado na nuvem para unificar dados de quatro fontes de CTI, formando uma ground truth robusta. Os resultados demonstram que o sistema alcança mais de 99% de paridade com o consenso da nuvem, reduzindo o tempo de inferência para menos de 10 milissegundos. Adicionalmente, testes de evasão validam o ciclo AIOps, demonstrando a recuperação autônoma da eficácia preditiva (de 79,9% para 97,5%) frente a fenômenos de concept drift.Referências
Brito, M. L. L., Ferreira, M. C. M., Portela, A. L. C., and Gomes, R. L. (2025). Aibased estimation of bandwidth availability for data offloading in edge-cloud computing. IEEE Networking Letters, pages 1–1.
Costa, M. A., Costa, Y. M., Almeida, Y. O., Cardoso, F. J., and Gomes, R. L. (2024). Connection management using automated firewall based on threat intelligence. In Proceedings of the 2024 Latin America Networking Conference, LANC ’24, page 32–37, New York, NY, USA. Association for Computing Machinery.
Costa, W. L., Portela, A. L., and Gomes, R. L. (2021). Features-aware ddos detection in heterogeneous smart environments based on fog and cloud computing. International Journal of Communication Networks and Information Security, 13(3):491–498.
Dietterich, T. G. (2000). Ensemble methods in machine learning. In Multiple classifier systems, pages 1–15. Springer.
Ferreira, M. C., Ribeiro, S. E., Nobre, F. V., Linhares, M. L., Araújo, T. P., and Gomes, R. L. (2024). Mitigating measurement failures in throughput performance forecasting. In 2024 20th International Conference on Network and Service Management (CNSM), pages 1–7.
Gama, J. a., Žliobaitundefined, I., Bifet, A., Pechenizkiy, M., and Bouchachia, A. (2014). A survey on concept drift adaptation. ACM Comput. Surv., 46(4).
Gomes, R. L., Bittencourt, L. F., and Madeira, E. R. M. (2013). A virtual network allocation algorithm for reliability negotiation. In 2013 22nd International Conference on Computer Communication and Networks (ICCCN), pages 1–7.
Gomes, R. L., Bittencourt, L. F., Madeira, E. R. M., Cerqueira, E. C., and Gerla, M. (2016). Software-defined management of edge as a service networks. IEEE Transactions on Network and Service Management, 13(2):226–239.
Huang, Y., Negrete, J., Wagener, J., et al. (2023). Graph neural networks and cross-protocol analysis for detecting malicious ip addresses. Complex & Intelligent Systems, 9:3857–3869.
Kuncheva, L. I. (2004). Combining Pattern Classifiers: Methods and Algorithms. John Wiley & Sons, Hoboken, NJ, USA.
Lazar, D., Cohen, K., Freund, A., Bartik, A., and Ron, A. (2021). Imdoc: Identification of malicious domain campaigns via dns and communicating files. IEEE Access, 9:45242–45258.
Nobre, F. V. J., Alves, D. O., Araujo, R. S., Campos, G. A., and Gomes, R. L. (2026). Risk classification of ip addresses using machine learning with weighted voting approach. In Rodrigues, L. A. and Oliveira, R., editors, Dependable and Secure Computing, pages 320–328, Cham. Springer Nature Switzerland.
Nobre, F. V. J., Silva, D. d. S., Ferreira, M. C. M. M., Brito, M. L. M. L., de Araújo, T. P., and Gomes, R. L. (2025). Time-weighted correlation approach to identify high delay links in internet service providers. Journal of Internet Services and Applications, 16(1):419–430.
Park, J., You, G., Ji, Y., and Youm, H. Y. (2024). Security requirements for fully automated ai systems to exercise and ensure the rights of data subjects. In 2024 19th Asia Joint Conference on Information Security (AsiaJCIS), pages 107–112.
Pimenta, I., Silva, D., Moura, E., Silveira, M., and Gomes, R. L. (2024). Impact of data anonymization in machine learning models. In Proceedings of the 13th Latin-American Symposium on Dependable and Secure Computing, pages 188–191.
Pimenta, I. A., Lee, M. H., Bittencourt, L. F., and Gomes, R. L. (2025). Adaptive privacy based on mutual information for machine learning in edge-cloud environments. IEEE Networking Letters, pages 1–1.
Portela, A. L. C., Ribeiro, S. E. S. B., Menezes, R. A., de Araujo, T., and Gomes, R. L. (2024). T-for: An adaptable forecasting model for throughput performance. IEEE Transactions on Network and Service Management, pages 1–1.
Potts, W. C. and Carver, C. (2024). Best practices implementing aiops in large organizations. In 2024 International Conference on Smart Applications, Communications and Networking (SmartNets), pages 1–5.
Siam, A. A., Alazab, M., Awajan, A., Hasan, M. R., Obeidat, A., and Faruqui, N. (2025). Ip safeguard–an ai-driven malicious ip detection framework. IEEE Access, 13:90249–90261.
Souza, M. S., Ribeiro, S. E. S. B., Lima, V. C., Cardoso, F. J., and Gomes, R. L. (2024). Combining regular expressions and machine learning for sql injection detection in urban computing. Journal of Internet Services and Applications, 15(1):103–111.
Spyros, A., Koritsas, I., Papoutsis, A., Panagiotou, P., Chatzakou, D., Kavallieros, D., Tsikrika, T., Vrochidis, S., and Kompatsiaris, I. (2025). Ai-based holistic framework for cyber threat intelligence management. IEEE Access, 13:20820–20846.
Usman, N., Usman, S., Khan, F., Jan, M. A., Sajid, A., Alazab, M., and Watters, P. (2021). Intelligent dynamic malware detection using machine learning in ip reputation for forensics data analytics. Future Generation Computer Systems, 118:124–141.
Wagner, T. D., Mahbub, K., Palomar, E., and Abdallah, A. E. (2019). Cyber threat intelligence sharing: Survey and research directions. Computers Security, 87:101589.
Yang, J. and Lim, H. (2021). Deep learning approach for detecting malicious activities over encrypted secure channels. IEEE Access, 9:39229–39244.
Yang, Y., Yang, S., Zhao, C., and Xu, Z. (2024). Telops: Ai-driven operations and maintenance for telecommunication networks. IEEE Communications Magazine, 62(4):104–110.
Costa, M. A., Costa, Y. M., Almeida, Y. O., Cardoso, F. J., and Gomes, R. L. (2024). Connection management using automated firewall based on threat intelligence. In Proceedings of the 2024 Latin America Networking Conference, LANC ’24, page 32–37, New York, NY, USA. Association for Computing Machinery.
Costa, W. L., Portela, A. L., and Gomes, R. L. (2021). Features-aware ddos detection in heterogeneous smart environments based on fog and cloud computing. International Journal of Communication Networks and Information Security, 13(3):491–498.
Dietterich, T. G. (2000). Ensemble methods in machine learning. In Multiple classifier systems, pages 1–15. Springer.
Ferreira, M. C., Ribeiro, S. E., Nobre, F. V., Linhares, M. L., Araújo, T. P., and Gomes, R. L. (2024). Mitigating measurement failures in throughput performance forecasting. In 2024 20th International Conference on Network and Service Management (CNSM), pages 1–7.
Gama, J. a., Žliobaitundefined, I., Bifet, A., Pechenizkiy, M., and Bouchachia, A. (2014). A survey on concept drift adaptation. ACM Comput. Surv., 46(4).
Gomes, R. L., Bittencourt, L. F., and Madeira, E. R. M. (2013). A virtual network allocation algorithm for reliability negotiation. In 2013 22nd International Conference on Computer Communication and Networks (ICCCN), pages 1–7.
Gomes, R. L., Bittencourt, L. F., Madeira, E. R. M., Cerqueira, E. C., and Gerla, M. (2016). Software-defined management of edge as a service networks. IEEE Transactions on Network and Service Management, 13(2):226–239.
Huang, Y., Negrete, J., Wagener, J., et al. (2023). Graph neural networks and cross-protocol analysis for detecting malicious ip addresses. Complex & Intelligent Systems, 9:3857–3869.
Kuncheva, L. I. (2004). Combining Pattern Classifiers: Methods and Algorithms. John Wiley & Sons, Hoboken, NJ, USA.
Lazar, D., Cohen, K., Freund, A., Bartik, A., and Ron, A. (2021). Imdoc: Identification of malicious domain campaigns via dns and communicating files. IEEE Access, 9:45242–45258.
Nobre, F. V. J., Alves, D. O., Araujo, R. S., Campos, G. A., and Gomes, R. L. (2026). Risk classification of ip addresses using machine learning with weighted voting approach. In Rodrigues, L. A. and Oliveira, R., editors, Dependable and Secure Computing, pages 320–328, Cham. Springer Nature Switzerland.
Nobre, F. V. J., Silva, D. d. S., Ferreira, M. C. M. M., Brito, M. L. M. L., de Araújo, T. P., and Gomes, R. L. (2025). Time-weighted correlation approach to identify high delay links in internet service providers. Journal of Internet Services and Applications, 16(1):419–430.
Park, J., You, G., Ji, Y., and Youm, H. Y. (2024). Security requirements for fully automated ai systems to exercise and ensure the rights of data subjects. In 2024 19th Asia Joint Conference on Information Security (AsiaJCIS), pages 107–112.
Pimenta, I., Silva, D., Moura, E., Silveira, M., and Gomes, R. L. (2024). Impact of data anonymization in machine learning models. In Proceedings of the 13th Latin-American Symposium on Dependable and Secure Computing, pages 188–191.
Pimenta, I. A., Lee, M. H., Bittencourt, L. F., and Gomes, R. L. (2025). Adaptive privacy based on mutual information for machine learning in edge-cloud environments. IEEE Networking Letters, pages 1–1.
Portela, A. L. C., Ribeiro, S. E. S. B., Menezes, R. A., de Araujo, T., and Gomes, R. L. (2024). T-for: An adaptable forecasting model for throughput performance. IEEE Transactions on Network and Service Management, pages 1–1.
Potts, W. C. and Carver, C. (2024). Best practices implementing aiops in large organizations. In 2024 International Conference on Smart Applications, Communications and Networking (SmartNets), pages 1–5.
Siam, A. A., Alazab, M., Awajan, A., Hasan, M. R., Obeidat, A., and Faruqui, N. (2025). Ip safeguard–an ai-driven malicious ip detection framework. IEEE Access, 13:90249–90261.
Souza, M. S., Ribeiro, S. E. S. B., Lima, V. C., Cardoso, F. J., and Gomes, R. L. (2024). Combining regular expressions and machine learning for sql injection detection in urban computing. Journal of Internet Services and Applications, 15(1):103–111.
Spyros, A., Koritsas, I., Papoutsis, A., Panagiotou, P., Chatzakou, D., Kavallieros, D., Tsikrika, T., Vrochidis, S., and Kompatsiaris, I. (2025). Ai-based holistic framework for cyber threat intelligence management. IEEE Access, 13:20820–20846.
Usman, N., Usman, S., Khan, F., Jan, M. A., Sajid, A., Alazab, M., and Watters, P. (2021). Intelligent dynamic malware detection using machine learning in ip reputation for forensics data analytics. Future Generation Computer Systems, 118:124–141.
Wagner, T. D., Mahbub, K., Palomar, E., and Abdallah, A. E. (2019). Cyber threat intelligence sharing: Survey and research directions. Computers Security, 87:101589.
Yang, J. and Lim, H. (2021). Deep learning approach for detecting malicious activities over encrypted secure channels. IEEE Access, 9:39229–39244.
Yang, Y., Yang, S., Zhao, C., and Xu, Z. (2024). Telops: Ai-driven operations and maintenance for telecommunication networks. IEEE Communications Magazine, 62(4):104–110.
Publicado
25/05/2026
Como Citar
NOBRE, Francisco V. J.; ARAUJO, Ramon S.; ALVES, Davi O.; SANTOS, Janaina R.; NOBRE, Jéferson C.; GOMES, Rafael L..
Gerenciamento Adaptativo de Conexões e Classificação de Endereços IP na Borda da Rede usando Proxies Preditivos AIOps. In: WORKSHOP DE GERÊNCIA E OPERAÇÃO DE REDES E SERVIÇOS (WGRS), 31. , 2026, Praia do Forte/BA.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2026
.
p. 127-140.
ISSN 2595-2722.
DOI: https://doi.org/10.5753/wgrs.2026.23088.
