All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Automatic Network Protection Scenarios Using NetFlow

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F12%3A00058680" target="_blank" >RIV/00216224:14610/12:00058680 - isvavai.cz</a>

  • Result on the web

    <a href="http://www.cert.org/flocon/2012/presentations/krmicek-protection-scenarios.pdf" target="_blank" >http://www.cert.org/flocon/2012/presentations/krmicek-protection-scenarios.pdf</a>

  • DOI - Digital Object Identifier

Alternative languages

  • Result language

    angličtina

  • Original language name

    Automatic Network Protection Scenarios Using NetFlow

  • Original language description

    Protecting a computer network against various types of network attacks is becoming more difficult due to increasing speeds of current computer networks and due to new types of network threats appearing every day. NetFlow monitoring is used with advantageto inspect all incoming traffic and detect attacks against monitored networks. In this presentation we will describe five scenarios using NetFlow for an automatic protection of a local network: 1) NetFlow monitoring and remotely triggered black hole filtering; 2) NetFlow monitoring and firewalling; 3) NetFlow monitoring and phishing quarantine; 4) NetFlow monitoring and traffic shaping; and 5) NetFlow monitoring and counter-attacking. These scenarios will be illustrated using the example of an SSH brute force attack. Possibilities to use a hardware device for NetFlow monitoring and traffic filtering will be discussed and compared to software alternatives.

  • Czech name

  • Czech description

Classification

  • Type

    A - Audiovisual production

  • CEP classification

    IN - Informatics

  • OECD FORD branch

Result continuities

  • Project

    <a href="/en/project/OVMASUN200801" target="_blank" >OVMASUN200801: Security of Czech army information and communication systems - On-line monitoring, Visualization and Packet Filtration. Computer Incident Response Capability Development in the Cyber Defence Environment.</a><br>

  • Continuities

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach

Others

  • Publication year

    2012

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • ISBN

  • Place of publication

  • Publisher/client name

  • Version

  • Carrier ID

Similar results(10)

Detector of DoS Attacks via Network Flow AnalysisNetFlow for network securityIntrusion Prevention System of Slow HTTP DoS and DDoS attack