
Graph-based Network Traffic Analysis for Incident Investigation

ČERMÁK, Milan

Basic information

Original name

Graph-based Network Traffic Analysis for Incident Investigation

Authors

ČERMÁK, Milan

Edition

The 16th International Conference on Availability, Reliability and Security, 2021

Other information

Language

English

Type of outcome

Invited lectures

Country of publisher

Czech Republic

Confidentiality degree

not subject to state or trade secrecy

Organization

Ústav výpočetní techniky (Institute of Computer Science) – Repository

Keywords in English

Network Forensics; Graph Database; Incident Investigation; Dgraph; Zeek; Association-based Analysis

Links

833418, internal Repo code.
Changed: 29/4/2022 03:09, RNDr. Daniel Jakubík

Abstract

In the original

In this presentation, we introduce a new approach to analyzing network traffic data based on associations between network events. First, we discuss the benefits and issues of currently used analysis tools. Next, we propose a new data representation model and the use of a graph database to store such data. In the main part of the presentation, we introduce the Granef toolkit and its use for incident investigation.
