Ciencias Exactas y Ciencias de la Salud
Permanent URI for this collectionhttps://hdl.handle.net/11285/551039
Pertenecen a esta colección Tesis y Trabajos de grado de las Maestrías correspondientes a las Escuelas de Ingeniería y Ciencias así como a Medicina y Ciencias de la Salud.
Browse
Search Results
- Use of software-defined network capabilities to increase the security at the Edge Computing on a heterogeneous environment of IoT devices(Instituto Tecnológico y de Estudios Superiores de Monterrey, 2025-11) Lasa Gutiérrez, José Antonio; Zareei, Mahdi; emipsanchez; Rodríguez Arreola, Alberto; Falcón Morales, Luis Eduardo; School of Engineering and Sciences; Campus GuadalajaraThere’s an enormous amount of IoT devices connected to the internet without following a security standard which makes it a real threat for the consumers. All of the sensors and devices that are currently tracking steps, speed, movement, heart rate, location, temperature, etc. is sensitive data that could be taken by malicious agents or corporations for invasion of privacy to the customers. This work presents a way of using some of the Software Defined Networks capabilities to improve the privacy, detect and mitigate the most common attacks that are Denial of Service (DoS) and Distributed Denial of Service (DDoS) at the Edge Computing through some simple algorithms which won’t affect application performance under the current network.
- Network attack detection on SDN with programmable switches and Machine-learning(Instituto Tecnológico y de Estudios Superiores de Monterrey, 2024-12) Ramírez Martínez, Erick David; Pérez Díaz, Jesús Arturo; Rodríguez Hernández, Gerardo; Gutiérrez Betancur, Sergio Armando; School of Engineering and Sciences; Campus Monterrey; Yungaicela Naula, Noé MarceloSoftware-defined networks provide alternatives for data management and security in enter prise environments with the help of an external controller and by separating the control planefrom the data plane. The versatility of SDN makes them suitable for the detection and mit igation of DDoS attacks. DDoS attacks are increasing in complexity and size. Several re ports state that DDoS are the second most prominent network attacks from 2022 to 2024 and are changing in behavior. New attackers are aiming at unprotected devices, such as IoT and healthcare networks, which pose a threat to human lives. DDoS also leverages new vulnerabil ities and behaviors, such as the more recent HTTP/2 attack, which shares several similarities with stealthy, Slow-rate attacks. State-of-the-art detection techniques for DDoS attacks in clude algorithms and machine learning implementations that classify data flows depending on individual features such as message length and packet frequency. However, these approaches may overload the network controller. This thesis proposes a framework that captures flow fea tures for ML detection within programmable switches, without relying on an SDN controller to increase the speed of network protection systems. This thesis presents a code written in P4 programming language for the use of BMv2 P4 programmable switches and a physical assessment using Tofino-based P4 programmable switches. Both implementations evaluate a protection framework against Slow-rate DDoS attacks using machine-learning models inside programmable switches. The results of this work showed an accuracy above 88%, ranging from 88.74% in the physical implementation to 98.28% in the simulated implementation. The results of this thesis achieved a steppingstone in DDoS attack detection as it is performed in real time at high speed due to the advantages of programmable switches. Moreover, the framework goes even further and implements a mitigation strategy that successfully blocks malicious IP addresses.