Carlos Catania

Carlos Catania
National University of Cuyo | UNCUYO · Computer Science

PhD
Head of the Intelligent Systems Laboratory (LABSIN) at School of Engineering. National University of Cuyo

About

40
Publications
13,332
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
443
Citations
Citations since 2016
27 Research Items
375 Citations
2016201720182019202020212022020406080
2016201720182019202020212022020406080
2016201720182019202020212022020406080
2016201720182019202020212022020406080
Additional affiliations
April 2017 - present
National University of Technology Mendoza
Position
  • Professor (Assistant)
Description
  • Collaborating with DHARMA group. Teaching Machine Learning Courses
January 2017 - present
National University of Cuyo
Position
  • Professor (Associate)
Description
  • Teaching several programming courses. Introduction to Programming and Data Structures and Algorithms I.
January 2014 - January 2015
University of Strasbourg
Position
  • PostDoc Position
Description
  • Working on the development of an ontology-guided genetic algorithm under the GP-GPU architecture.
Education
August 2008 - August 2013

Publications

Publications (40)
Preprint
Full-text available
Even though a train/test split of the dataset randomly performed is a common practice, could not always be the best approach for estimating performance generalization under some scenarios. The fact is that the usual machine learning methodology can sometimes overestimate the generalization error when a dataset is not representative or when rare and...
Article
In contrast to previous surveys, the present work is not focused on reviewing the datasets used in the network security field. The fact is that many of the available public labeled datasets represent the network behavior just for a particular time period. Given the rate of change in malicious behavior and the serious challenge to label, and maintai...
Preprint
Deconvolution methods infer levels of immune and stromal infiltration from bulk expression of tumor samples. These methods allow projection of characteristics of the tumor microenvironment, known to affect patient outcome and therapeutic response, onto the millions of bulk transcriptional profiles in public databases, many focused on uniquely valua...
Preprint
Full-text available
In contrast to previous surveys, the present work is not focused on reviewing the datasets used in the network security field. The fact is that many of the available public labeled datasets represent the network behavior just for a particular time period. Given the rate of change in malicious behavior and the serious challenge to label, and maintai...
Article
Motivation: Statistical and machine learning analyses of tumor transcriptomic profiles offer a powerful resource to gain deeper understanding of tumor subtypes and disease prognosis. Currently prognostic gene expression signatures do not exist for all cancer types, and most developed to date have been optimized for individual tumor types. In Galgo...
Preprint
Full-text available
Domain Name Service is a trusted protocol made for name resolution, but during past years some approaches have been developed to use it for data transfer. DNS Tunneling is a method where data is encoded inside DNS queries, allowing information exchange through the DNS. This characteristic is attractive to hackers who exploit DNS Tunneling method to...
Conference Paper
Labeling a real network dataset is specially expensive in computer security, as an expert has to ponder several factors before assigning each label. This paper describes an interactive intelligent system to support the task of identifying hostile behaviors in network logs. The RiskID application uses visualizations to graphically encode features of...
Article
In the field of network security, the process of labeling a network traffic dataset is specially expensive since expert knowledge is required to perform the annotations. With the aid of visual analytic applications such as RiskID, the effort of labeling network traffic is considerable reduced. However, since the label assignment still requires an e...
Preprint
Full-text available
Domain Name Service is a central part of Internet regular operation. Such importance has made it a common target of different malicious behaviors such as the application of Domain Generation Algorithms (DGA) for command and control a group of infected computers or Tunneling techniques for bypassing system administrator restrictions. A common detect...
Preprint
Full-text available
The knowledge generated by animal behavior studies has been gaining importance due to it can be used to improve the efficiency of animal production systems. In recent years, sensor-based approaches for animal behavior classification has emerged as a promising alternative for analyzing animals grazing patterns. In the present article it is proposed...
Chapter
A Domain Generation Algorithm (DGA) is an algorithm to generate domain names in a deterministic but seemly random way. Mal-ware use DGAs to generate the next domain to access the Command Control (C&C) communication server. Given the simplicity of the generation process and speed at which the domains are generated, a fast and accurate detection meth...
Article
Compensation of errors from MicroElectroMechanical Systems (MEMS) inertial sensors is mandatory for real-world applications. Recently, several machine learning methods focused on dealing with nonlinear behaviors have been proposed to increase MEMS inertial sensors performance. However, manufacturers of MEMS inertial sensors claim that nonlinearity...
Data
A pdf file containing links to online resources for the article. Source Code and web services included.
Preprint
Full-text available
A Domain Generation Algorithm (DGA) is an algorithm to generate domain names in a deterministic but seemly random way. Malware use DGAs to generate the next domain to access the Command Control (C&C) communication channel. Given the simplicity and velocity associated to the domain generation process, machine learning detection methods emerged as su...
Conference Paper
The moving average (MA) filter is a smoothing filter well-known in the digital signal processing community. The MA filter has only one configuration parameter, N, which is the order of the filter, and is used to adjust the smoothing effect of an MA filter. The MA filtering technique can be effectively used to de-noise inertial sensors signals. One...
Chapter
In this chapter, the authors show how knowledge engineering techniques can be used to guide the definition of evolutionary algorithms (EA) for problems involving a large amount of structured data, through the resolution of a real problem. Various representations of the fitness functions, the genome, and mutation/crossover operators adapted to diffe...
Conference Paper
Full-text available
The problem of detecting malicious behavior in network traffic has become an extremely difficult challenge for the security community. Consequently, several intelligence-based tools have been proposed to generate models capable of understanding the information trav-eling through the network and to help in the identification of suspicious connection...
Conference Paper
Full-text available
The development of new approaches in the GIS research community generally requires the use of a computational tool to post-process GNSS and inertial sensors data in order to get more accurate position, velocity, and orientation angles (attitude) information. An open-source framework for simulating integrated navigation systems (INS/GNSS) called Nav...
Conference Paper
This paper presents a graphical interface to identify hostile behavior in network logs. The problem of identifying and labeling hostile behavior is well known in the network security community. There is a lack of labeled datasets, which make it difficult to deploy automated methods or to test the performance of manual ones. We describe the process...
Data
The python implementation of the LSTM network used for the experiments described in the paper. We have made our best effort for simplyfing the reading of the code. However, if you want to test it and you find some problems/errors feel free to tell us about them.
Conference Paper
Full-text available
Some botnets use special algorithms to generate the domain names they need to connect to their command and control servers. They are refereed as Domain Generation Algorithms. Domain Generation Algorithms generate domain names and tries to resolve their IP addresses. If the domain has an IP address, it is used to connect to that command and control...
Conference Paper
A Botnet can be conceived as a group of compromised computers which can be controlled remotely to execute coordinated attacks or commit fraudulent acts. The fact that Botnets keep continuously evolving means that traditional detection approaches are always one step behind. Recently, the behavioral analysis of network traffic has arisen as a way to...
Conference Paper
Micro-electro mechanical systems (MEMS) inertial sensors are key components in navigation systems where low cost, low weight and/or low power consumption are required. New approaches based on machine learning techniques for nonlinear systems have been proposed to increase MEMS inertial sensors' precision. However, many MEMS inertial sensors can be...
Article
Full-text available
Evolutionary Algorithms (EA) have proven to be very effective in optimizing intractable problems in many areas. However, real problems including specific constraints are often overlooked by the proposed generic models. The authors' goal here is to show how knowledge engineering techniques can be used to guide the definition of Evolutionary Algorith...
Article
Full-text available
The problem of the transportation of patients from or to some health care center given a number of vehicles of different kinds can be considered as a common Vehicle Routing Problem (VPR). However, in our particular case, the logistics behind the generation of the vehicle itineraries are affected by a high number of requirements and constraints such...
Conference Paper
Machine learning have been one of the most considered techniques for achieving automatic intrusion detection. Despite many of these machine learning approaches have achieved the goal of getting high accuracy levels in a more automatic way, the fact is that only a few of them have actually been deployed on real life scenarios. This could be explaine...
Conference Paper
Full-text available
The fast evolution of Botnet malware made it extremely difficult to detect. Despite it can be just considered as a tool, nowadays it has become one of the most dangerous threats for system administrators. Botnets are used as the starting point for different kind of attacks, such as SPAM, Denegation of Service, key logging and traffic sniffing, amon...
Article
Automatic network intrusion detection has been an important research topic for the last 20 years. In that time, approaches based on signatures describing intrusive behavior have become the de-facto industry standard. Alternatively, other novel techniques have been used for improving automation of the intrusion detection process. In this regard, sta...
Article
In the past years, several support vector machines (SVM) novelty detection approaches have been applied on the network intrusion detection field. The main advantage of these approaches is that they can characterize normal traffic even when trained with datasets containing not only normal traffic but also a number of attacks. Unfortunately, these al...
Article
Full-text available
In the past years, several support vector machines (SVM) novelty detection approaches have been applied on the network intrusion detection field. The main advantage of these approaches is that they can characterize normal traffic even when trained with datasets containing not only normal traffic but also a number of attacks. Unfortunately, these al...
Conference Paper
Full-text available
In the past years, several support vector machines (SVM) novelty detection approaches have been appliedon the network intrusion detection field. The main advantage of these approaches is that they can char-acterize normal traffic even when trained with datasets containing not only normal traffic but also anumber of attacks. Unfortunately, these alg...
Article
Full-text available
El reconocimiento de patrones en el trafico de red es uno de los componentes fundamentales de los sistemas de deteccion de intrusos. En este trabajo se estudian las posibilidades de aplicacion de un algoritmo genetico para obtener reglas que permitan reconocer las instancias de trafico normales. El enfoque propuesto es distinto respecto a otros tra...
Article
Full-text available
Resumen. Actualmente se cuenta con distintos métodos de computación distribuida capaces de incrementar los recursos de cálculos y/o disminuir tiempos de ejecución de aplicaciones intensivas, como resultan algunos casos de elementos finitos. En este sentido se emplean cada vez más frecuentemente códigos paralelos que se procesan en distintas computa...
Article
Resumen El Protocolo de Internet actual, conocido como PV4, a servido con éxito por más de 20 años pero comienza a dar señales de encontrarse al límite de su diseño y ya no puede seguir brindando respuestas adecuadas, sobretodo en cuanto al paulatino agotamiento de las direcciones IP disponibles. Además el IPv4 carece de algunas características "de...

Network

Cited By

Projects

Projects (2)
Project
NaveGo is an open-source framework for processing integrated navigation systems and performing inertial sensors profiling analysis that is freely available online at https://github.com/rodralez/NaveGo. It is developed under MATLAB/GNU-Octave due to this programming language has become a de facto standard for simulation and mathematical computing. NaveGo's motto is "to bring integrated navigation to the masses". NaveGo has been verified by processing real-world data from a real trajectory and contrasting results with a commercial, closed-source software package. Difference between both solutions have shown to be negligible. Main features of NaveGo are: * Processing of an inertial navigation system (INS). * Processing of a loosely-coupled integrated navigation system (INS/GPS). * Implementation of the Allan variance procedure to characterize inertial sensors' typical errors. * Simulation of inertial sensors and GPS. NaveGo is supported at the moment by three academic research groups: GridTics at the National University of Technology (Argentina), ITIC at the National University of Cuyo (Argentina), and DIATI at the Politecnico di Torino (Italy).
Project
The Stratophere Project creates a free-software, machine learning-based, behavioral Intrusion Prevention System https://stratosphereips.org