Ing. Martin Žádník, Ph.D.

BARTOŠ Václav and ŽÁDNÍK Martin. An Analysis of Correlations of Intrusion Alerts in an NREN. In: 2014 IEEE 19th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD). Athens: IEEE Communications Society, 2014, pp. 305-309. ISBN 978-1-4799-5725-5.
Publication language: English
Original title: An Analysis of Correlations of Intrusion Alerts in an NREN
Title (cs): Analýza korelací v hlášeních o průnicích v NREN
Pages: 305-309
Proceedings: 2014 IEEE 19th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD)
Conference: 19th IEEE International Workshop on Computer-Aided Modeling Analysis and Design of Communication Links and Networks
Place: Athens, GR
Year: 2014
ISBN: 978-1-4799-5725-5
Publisher: IEEE Communications Society
Files: camad14_alert_correlations.pdf (198 KB, last modified 2014-12-16 13:16:44)
Keywords
network intrusion detection, malicious traffic, spatio-temporal correlations, alert aggregation
Annotation
The ever-increasing impact and number of network attacks have driven many organizations to deploy various network monitoring and analysis systems such as honeypots, intrusion detection systems, log analysers and flow monitors. Besides improving these systems, a logical next step is to collect and correlate alerts from multiple systems distributed across organizations. The idea is to leverage the joint effect of multiple monitoring systems to build a more robust and efficient system, ideally one lacking the shortcomings of the individual contributing systems. This paper presents an analysis of alert reports gathered from several such detectors deployed in a national research and education network (NREN). The analysis focuses on the correlations of reported events in the temporal domain as well as on the correlations of different event types.

BibTeX:
@INPROCEEDINGS{
   author = {V{\'{a}}clav Barto{\v{s}} and Martin
	{\v{Z}}{\'{a}}dn{\'{i}}k},
   title = {An Analysis of Correlations of Intrusion Alerts in an NREN},
   pages = {305--309},
   booktitle = {2014 IEEE 19th International Workshop on Computer Aided
	Modeling and Design of Communication Links and Networks
	(CAMAD)},
   year = {2014},
   location = {Ath{\'{e}}ny, GR},
   publisher = {IEEE Communications Society},
   ISBN = {978-1-4799-5725-5},
   language = {english},
   url = {http://www.fit.vutbr.cz/research/view_pub.php?id=10526}
}
