Toward Real-time Network-wide Cyber Situational Awareness

Authors

JIRSÍK Tomáš ČELEDA Pavel

Year of publication 2018
Type Article in Proceedings
Conference NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium
MU Faculty or unit

Institute of Computer Science (Ústav výpočetní techniky)

Citation
www https://ieeexplore.ieee.org/abstract/document/8406166/
DOI http://dx.doi.org/10.1109/NOMS.2018.8406166
Keywords cyber; situation awareness; real-time; Stream4Flow
Description In today's complex computer networks, we are constantly facing a risk of data loss, system compromise, or intellectual property theft. The complexity of the networks hinders their effective defense. A Network-wide Cyber Situational Awareness (NwCSA) has been introduced to assist a network security administrator with network security. The concept, however, faces several challenges that hinder an efficient application of the NwCSA in a real-world environment. The challenges include the overload of raw data, low speed of reaction, and a lack of context and unified view on a network. In this paper, we present a novel framework that faces the above-mentioned challenges. The framework leverages a distributed data stream processing system and methods for real-time big data processing. The framework is evaluated with respect to stated requirements on systems for NwCSA. Moreover, we present a prototype framework implementation and provide lessons learned from its real-world deployment.