About: Enhancing Network Intrusion Detection by Correlation of Modularly Hashed Sketches

Facets (new session)
Description
Metadata
Settings
- owl:sameAs
- Inference Rule:

About: Enhancing Network Intrusion Detection by Correlation of Modularly Hashed Sketches Goto Sponge NotDistinct Permalink

An Entity of Type : http://linked.opendata.cz/ontology/domain/vavai/Vysledek, within Data Space : linked.opendata.cz associated with source document(s)

Attributes	Values
rdf:type	skos:Concept http://linked.opendata.cz/ontology/domain/vavai/Vysledek
rdfs:seeAlso	http://dx.doi.org/10.1007/978-3-662-43862-6_19
Description	The rapid development of network technologies entails an increase in traffic volume and attack count. The associated increase in computational complexity for methods of deep packet inspection has driven the development of behavioral detection methods. These methods distinguish attackers from valid users by measuring how closely their behavior resembles known anomalous behavior. In real-life deployment, an attacker is flagged only on very close resemblance to avoid false positives. However, many attacks can then go undetected. We believe that this problem can be solved by using more detection methods and then correlating their results. These methods can be set to higher sensitivity, and false positives are then reduced by accepting only attacks reported from more sources. To this end we propose a novel sketch-based method that can detect attackers using a correlation of particular anomaly detections. The rapid development of network technologies entails an increase in traffic volume and attack count. The associated increase in computational complexity for methods of deep packet inspection has driven the development of behavioral detection methods. These methods distinguish attackers from valid users by measuring how closely their behavior resembles known anomalous behavior. In real-life deployment, an attacker is flagged only on very close resemblance to avoid false positives. However, many attacks can then go undetected. We believe that this problem can be solved by using more detection methods and then correlating their results. These methods can be set to higher sensitivity, and false positives are then reduced by accepting only attacks reported from more sources. To this end we propose a novel sketch-based method that can detect attackers using a correlation of particular anomaly detections. (en)
Title	Enhancing Network Intrusion Detection by Correlation of Modularly Hashed Sketches Enhancing Network Intrusion Detection by Correlation of Modularly Hashed Sketches (en)
skos:prefLabel	Enhancing Network Intrusion Detection by Correlation of Modularly Hashed Sketches Enhancing Network Intrusion Detection by Correlation of Modularly Hashed Sketches (en)
skos:notation	RIV/00216224:14610/14:00073230!RIV15-MV0-14610___
http://linked.open...avai/riv/aktivita	P
http://linked.open...avai/riv/aktivity	P(VF20132015031)
http://linked.open...vai/riv/dodaniDat	2015
http://linked.open...aciTvurceVysledku	Jirsík, Tomáš Drašar, Martin Vizváry, Martin
http://linked.open.../riv/druhVysledku	D - Článek ve sborníku
http://linked.open...iv/duvernostUdaju	S - Úplné a pravdivé údaje nepodléhající ochraně podle zvláštních právních předpisů
http://linked.open...titaPredkladatele	Masarykova univerzita / Ústav výpočetní techniky
http://linked.open...dnocenehoVysledku	14688
http://linked.open...ai/riv/idVysledku	RIV/00216224:14610/14:00073230
http://linked.open...riv/jazykVysledku	eng - angličtina
http://linked.open.../riv/klicovaSlova	intrusion detection; NetFlow; sketch; modular hashes; correlation (en)
http://linked.open.../riv/klicoveSlovo	modular hashes NetFlow intrusion detection sketch correlation
http://linked.open...ontrolniKodProRIV	[72DB51FECA8F]
http://linked.open...v/mistoKonaniAkce	Brno, Masarykova univerzita
http://linked.open...i/riv/mistoVydani	Berlin
http://linked.open...i/riv/nazevZdroje	Monitoring and Securing Virtualized Networks and Services, Lecture Notes in Computer Science, Vol. 8508
http://linked.open...in/vavai/riv/obor	IN
http://linked.open...ichTvurcuVysledku	3 (xsd:int)
http://linked.open...cetTvurcuVysledku	3 (xsd:int)
http://linked.open...vavai/riv/projekt	Security of Optical Components in Data and Communication Networks
http://linked.open...UplatneniVysledku	2014
http://linked.open...iv/tvurceVysledku	Drašar, Martin Vizváry, Martin Jirsík, Tomáš
http://linked.open...vavai/riv/typAkce	WRD - Světová
http://linked.open...ain/vavai/riv/wos	000347615900019
http://linked.open.../riv/zahajeniAkce	2014-01-01 (xsd:date)
issn	0302-9743
number of pages	13 (xsd:int)
http://bibframe.org/vocab/doi	10.1007/978-3-662-43862-6_19
http://purl.org/ne...btex#hasPublisher	Springer-Verlag. (Berlin; Heidelberg)
https://schema.org/isbn	9783662438619
http://localhost/t...ganizacniJednotka	14610

Faceted Search & Find service v1.16.118 as of Jun 21 2024

Alternative Linked Data Documents: ODE Content Formats:

RDF

ODATA

Microdata

About

OpenLink Virtuoso version 07.20.3240 as of Jun 21 2024, on Linux (x86_64-pc-linux-gnu), Single-Server Edition (126 GB total memory, 58 GB memory in use)
Data on this page belongs to its respective rights holders.
Virtuoso Faceted Browser Copyright © 2009-2024 OpenLink Software