VELAN, Petr, Martin HUSÁK and Daniel TOVARŇÁK. Rapid Prototyping of Flow-Based Detection Methods Using Complex Event Processing. Online. In NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium. Taipei, Taiwan: IEEE Xplore Digital Library, 2018, p. 1-3. ISBN 978-1-5386-3416-5. Available from: https://dx.doi.org/10.1109/NOMS.2018.8406121.
Basic information
Original name Rapid Prototyping of Flow-Based Detection Methods Using Complex Event Processing
Authors VELAN, Petr (203 Czech Republic, guarantor, belonging to the institution), Martin HUSÁK (203 Czech Republic, belonging to the institution) and Daniel TOVARŇÁK (203 Czech Republic, belonging to the institution).
Edition Taipei, Taiwan, NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium, p. 1-3, 3 pp. 2018.
Publisher IEEE Xplore Digital Library
Other information
Original language English
Type of outcome Proceedings paper
Confidentiality degree is not subject to a state or trade secret
Publication form electronic version available online
RIV identification code RIV/00216224:14610/18:00106891
Organization Ústav výpočetní techniky – Repository – Repository
ISBN 978-1-5386-3416-5
Doi http://dx.doi.org/10.1109/NOMS.2018.8406121
UT WoS 000541820800009
Keywords in English Databases;Engines;Force;IP networks;Monitoring;Security;Uniform resource locators
Links VI20162019029, research and development project.
Changed by: RNDr. Daniel Jakubík, učo 139797. Changed: 31/3/2023 04:06.
Abstract
Detection of network attacks is the first step to network security. Many different methods for attack detection were proposed in the past. However, descriptions of these methods are often not complete and it is difficult to verify that the actual implementation matches the description. In this demo paper, we propose to use Complex Event Processing (CEP) for developing detection methods based on network flows. By writing the detection methods in an Event Processing Language (EPL), we can address the above-mentioned problems. The SQL-like syntax of most EPLs is easily readable so the detection method is self-documented. Moreover, it is directly executable in the CEP system, which eliminates inconsistencies between documentation and implementation. The demo will show a running example of a multi-stage HTTP brute force attack detection using Esper and its EPL.
Type Name Uploaded/Created by Uploaded/Created Rights
2018-NOMS-Rapid-Prototyping-of-Flow-Based-Detection-Methods-Using-Complex-Event-Processing-paper.pdf Licence Creative Commons  File version 13/6/2018

Properties

Name
2018-NOMS-Rapid-Prototyping-of-Flow-Based-Detection-Methods-Using-Complex-Event-Processing-paper.pdf
Address within IS
https://repozitar.cz/auth/repo/29528/537615/
Address for the users outside IS
https://repozitar.cz/repo/29528/537615/
Address within Manager
https://repozitar.cz/auth/repo/29528/537615/?info
Address within Manager for the users outside IS
https://repozitar.cz/repo/29528/537615/?info
Uploaded/Created
Wed 13/6/2018 00:55

Rights

Right to read
  • anyone on the Internet
Right to upload
 
Right to administer:
  • a concrete person Mgr. Lucie Vařechová, uco 106253
  • a concrete person RNDr. Daniel Jakubík, uco 139797
  • a concrete person Mgr. Jolana Surýnková, uco 220973
Attributes
 
2018-NOMS-Rapid-Prototyping-of-Flow-Based-Detection-Methods-Using-Complex-Event-Processing-paper.pdf Licence Creative Commons  File version 5/9/2020

Properties

Name
2018-NOMS-Rapid-Prototyping-of-Flow-Based-Detection-Methods-Using-Complex-Event-Processing-paper.pdf
Address within IS
https://repozitar.cz/auth/repo/29528/905949/
Address for the users outside IS
https://repozitar.cz/repo/29528/905949/
Address within Manager
https://repozitar.cz/auth/repo/29528/905949/?info
Address within Manager for the users outside IS
https://repozitar.cz/repo/29528/905949/?info
Uploaded/Created
Sat 5/9/2020 21:03

Rights

Right to read
  • anyone on the Internet
Right to upload
 
Right to administer:
  • a concrete person Mgr. Lucie Vařechová, uco 106253
  • a concrete person RNDr. Daniel Jakubík, uco 139797
  • a concrete person Mgr. Jolana Surýnková, uco 220973
Attributes
 
2018-NOMS-Rapid-Prototyping-of-Flow-Based-Detection-Methods-Using-Complex-Event-Processing-poster.pdf Licence Creative Commons 13/6/2018

Properties

Name
2018-NOMS-Rapid-Prototyping-of-Flow-Based-Detection-Methods-Using-Complex-Event-Processing-poster.pdf
Address within IS
https://repozitar.cz/auth/repo/29528/537614/
Address for the users outside IS
https://repozitar.cz/repo/29528/537614/
Address within Manager
https://repozitar.cz/auth/repo/29528/537614/?info
Address within Manager for the users outside IS
https://repozitar.cz/repo/29528/537614/?info
Uploaded/Created
Wed 13/6/2018 00:55

Rights

Right to read
  • anyone on the Internet
Right to upload
 
Right to administer:
  • a concrete person Mgr. Lucie Vařechová, uco 106253
  • a concrete person RNDr. Daniel Jakubík, uco 139797
  • a concrete person Mgr. Jolana Surýnková, uco 220973
Attributes
 
2018-NOMS-Rapid-Prototyping-of-Flow-Based-Detection-Methods-Using-Complex-Event-Processing-poster.pdf Licence Creative Commons 5/9/2020

Properties

Name
2018-NOMS-Rapid-Prototyping-of-Flow-Based-Detection-Methods-Using-Complex-Event-Processing-poster.pdf
Address within IS
https://repozitar.cz/auth/repo/29528/905948/
Address for the users outside IS
https://repozitar.cz/repo/29528/905948/
Address within Manager
https://repozitar.cz/auth/repo/29528/905948/?info
Address within Manager for the users outside IS
https://repozitar.cz/repo/29528/905948/?info
Uploaded/Created
Sat 5/9/2020 21:03

Rights

Right to read
  • anyone on the Internet
Right to upload
 
Right to administer:
  • a concrete person Mgr. Lucie Vařechová, uco 106253
  • a concrete person RNDr. Daniel Jakubík, uco 139797
  • a concrete person Mgr. Jolana Surýnková, uco 220973
Attributes
 