This HTML5 document contains 48 embedded RDF statements represented using HTML+Microdata notation.

The embedded RDF content will be recognized by any processor of HTML5 Microdata.

Namespace Prefixes

PrefixIRI
n15http://linked.opendata.cz/ontology/domain/vavai/riv/typAkce/
dctermshttp://purl.org/dc/terms/
n16http://localhost/temp/predkladatel/
n14http://purl.org/net/nknouf/ns/bibtex#
n23http://linked.opendata.cz/resource/domain/vavai/projekt/
n17http://linked.opendata.cz/resource/domain/vavai/riv/tvurce/
n20http://linked.opendata.cz/resource/domain/vavai/subjekt/
n19http://linked.opendata.cz/ontology/domain/vavai/
n22https://schema.org/
shttp://schema.org/
skoshttp://www.w3.org/2004/02/skos/core#
n3http://linked.opendata.cz/ontology/domain/vavai/riv/
n12http://linked.opendata.cz/resource/domain/vavai/vysledek/RIV%2F61989100%3A27740%2F13%3A86086892%21RIV14-MSM-27740___/
n18http://bibframe.org/vocab/
n2http://linked.opendata.cz/resource/domain/vavai/vysledek/
rdfhttp://www.w3.org/1999/02/22-rdf-syntax-ns#
n5http://linked.opendata.cz/ontology/domain/vavai/riv/klicoveSlovo/
n21http://linked.opendata.cz/ontology/domain/vavai/riv/duvernostUdaju/
xsdhhttp://www.w3.org/2001/XMLSchema#
n13http://linked.opendata.cz/ontology/domain/vavai/riv/aktivita/
n10http://linked.opendata.cz/ontology/domain/vavai/riv/jazykVysledku/
n11http://linked.opendata.cz/ontology/domain/vavai/riv/druhVysledku/
n4http://linked.opendata.cz/ontology/domain/vavai/riv/obor/
n7http://reference.data.gov.uk/id/gregorian-year/

Statements

Subject Item
n2:RIV%2F61989100%3A27740%2F13%3A86086892%21RIV14-MSM-27740___
rdf:type
skos:Concept n19:Vysledek
dcterms:description
There are many ways of getting real data about malicious activity in a network. One of them relies on masquerading monitoring servers as a production one. These servers are called honeypots and data about attacks on them brings us valuable information about actual attacks and techniques used by hackers. The article describes distributed topology of honeypots, which was developed with a strong orientation on monitoring of IP telephony traffic. IP telephony servers can be easily exposed to various types of attacks, and without protection, this situation can lead to loss of money and other unpleasant consequences. Using a distributed topology with honeypots placed in different geological locations and networks provides more valuable and independent results. With automatic system of gathering information from all honeypots, it is possible to work with all information on one centralized point. Communication between honeypots and centralized data store use secure SSH tunnels and server communicates only with authorized honeypots. The centralized server also automatically analyses data from each honeypot. Results of this analysis and also other statistical data about malicious activity are simply accessible through a built-in web server. All statistical and analysis reports serve as information basis for an algorithm which classifies different types of used VoIP attacks. The web interface then brings a tool for quick comparison and evaluation of actual attacks in all monitored networks. The article describes both, the honeypots nodes in distributed architecture, which monitor suspicious activity, and also methods and algorithms used on the server side for analysis of gathered data. There are many ways of getting real data about malicious activity in a network. One of them relies on masquerading monitoring servers as a production one. These servers are called honeypots and data about attacks on them brings us valuable information about actual attacks and techniques used by hackers. The article describes distributed topology of honeypots, which was developed with a strong orientation on monitoring of IP telephony traffic. IP telephony servers can be easily exposed to various types of attacks, and without protection, this situation can lead to loss of money and other unpleasant consequences. Using a distributed topology with honeypots placed in different geological locations and networks provides more valuable and independent results. With automatic system of gathering information from all honeypots, it is possible to work with all information on one centralized point. Communication between honeypots and centralized data store use secure SSH tunnels and server communicates only with authorized honeypots. The centralized server also automatically analyses data from each honeypot. Results of this analysis and also other statistical data about malicious activity are simply accessible through a built-in web server. All statistical and analysis reports serve as information basis for an algorithm which classifies different types of used VoIP attacks. The web interface then brings a tool for quick comparison and evaluation of actual attacks in all monitored networks. The article describes both, the honeypots nodes in distributed architecture, which monitor suspicious activity, and also methods and algorithms used on the server side for analysis of gathered data.
dcterms:title
Automatic analysis of attack data from distributed honeypot network Automatic analysis of attack data from distributed honeypot network
skos:prefLabel
Automatic analysis of attack data from distributed honeypot network Automatic analysis of attack data from distributed honeypot network
skos:notation
RIV/61989100:27740/13:86086892!RIV14-MSM-27740___
n19:predkladatel
n20:orjk%3A27740
n3:aktivita
n13:P
n3:aktivity
P(ED1.1.00/02.0070)
n3:dodaniDat
n7:2014
n3:domaciTvurceVysledku
n17:8051283
n3:druhVysledku
n11:D
n3:duvernostUdaju
n21:S
n3:entitaPredkladatele
n12:predkladatel
n3:idSjednocenehoVysledku
62584
n3:idVysledku
RIV/61989100:27740/13:86086892
n3:jazykVysledku
n10:eng
n3:klicovaSlova
VoIP attacks; Honeypot network; Attack data analysis; Attack classification
n3:klicoveSlovo
n5:Honeypot%20network n5:VoIP%20attacks n5:Attack%20classification n5:Attack%20data%20analysis
n3:kontrolniKodProRIV
[1D14C8900E03]
n3:mistoKonaniAkce
Baltimore
n3:mistoVydani
Bellingham
n3:nazevZdroje
Proceedings of SPIE - The International Society for Optical Engineering. Volume 8755
n3:obor
n4:JC
n3:pocetDomacichTvurcuVysledku
1
n3:pocetTvurcuVysledku
5
n3:projekt
n23:ED1.1.00%2F02.0070
n3:rokUplatneniVysledku
n7:2013
n3:tvurceVysledku
Šafařík, Jakub Partila, Pavol Tomala, Karel Vozňák, Miroslav Řezáč, Filip
n3:typAkce
n15:WRD
n3:wos
000323598400026
n3:zahajeniAkce
2013-04-29+02:00
s:issn
0277-786X
s:numberOfPages
7
n18:doi
10.1117/12.2015514
n14:hasPublisher
SPIE
n22:isbn
978-0-8194-9546-4
n16:organizacniJednotka
27740