Other formats:
BibTeX
LaTeX
RIS
@inproceedings{34606,
  author = {Čermák, Milan and Laštovička, Martin and Jirsík, Tomáš},
  address = {Washington DC, USA},
  booktitle = {2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)},
  keywords = {Anomaly Detection;IP Flow;Apache Spark;Stream Processing},
  howpublished = {elektronická verze "online"},
  language = {eng},
  location = {Washington DC, USA},
  isbn = {978-1-7281-0618-2},
  pages = {521-526},
  publisher = {IEEE},
  title = {Real-time Pattern Detection in IP Flow Data using Apache Spark},
  url = {https://ieeexplore.ieee.org/document/8717827},
  year = {2019}
}
TY - JOUR
ID - 34606
AU - Čermák, Milan - Laštovička, Martin - Jirsík, Tomáš
PY - 2019
TI - Real-time Pattern Detection in IP Flow Data using Apache Spark
PB - IEEE
CY - Washington DC, USA
SN - 9781728106182
KW - Anomaly Detection;IP Flow;Apache Spark;Stream Processing
UR - https://ieeexplore.ieee.org/document/8717827
N2 - Detection of network attacks is a challenging task, especially concerning detection coverage and timeliness. The defenders need to be able to detect advanced types of attacks and minimize the time gap between the attack detection and its mitigation. To meet these requirements, we present a stream-based IP flow data processing application for real-time attack detection using similarity search techniques. Our approach extends capabilities of traditional detection systems and allows to detect not only anomalies and attacks that match exactly to predefined patterns but also their variations. The approach is demonstrated on detection of SSH authentication attacks. We describe a process of patterns definition and illustrate their usage in a real-world deployment. We show that our approach provides sufficient performance of IP flow data processing for real-time detection while maintaining versatility and ability to detect network attacks that have not been recognized by traditional approaches.
ER -
ČERMÁK, Milan, Martin LAŠTOVIČKA and Tomáš JIRSÍK. Real-time Pattern Detection in IP Flow Data using Apache Spark. Online. In \textit{2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)}. Washington DC, USA: IEEE, 2019, pp.~521-526. ISBN~978-1-7281-0618-2.