Detailed Information on Publication Record
2021
Graph-based Network Traffic Analysis for Incident Investigation
ČERMÁK, Milan
Basic information
Original name
Graph-based Network Traffic Analysis for Incident Investigation
Authors
ČERMÁK, Milan
Edition
The 16th International Conference on Availability, Reliability and Security, 2021
Other information
Language
English
Type of outcome
Invited lectures
Country of publisher
Czech Republic
Confidentiality degree
is not subject to state or trade secret
Organization
Ústav výpočetní techniky – Repository – Repository
Keywords in English
Network Forensics;Graph Database;Incident Investigation;Dgraph;Zeek;Association-based Analysis
Links
833418, internal code Repo.
Changed: 29/4/2022 03:09, RNDr. Daniel Jakubík
Abstract
In the original
In this presentation, we introduce a new approach to analyzing network traffic data using associations. In the beginning, we discuss the benefits and issues of currently used analysis tools. Next, we propose a new data representation model and utilization of a graph database to store such data. In the main part of the presentation, we introduce the Granef toolkit and its use for incident investigation.