Enhancing Network Intrusion Detection by Correlation of Modularly Hashed Sketches

The result's identifiers

  • Result code in IS VaVaI

    RIV/00216224:14610/14:00073230 - isvavai.cz (https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F14%3A00073230)

  • Result on the web

    http://dx.doi.org/10.1007/978-3-662-43862-6_19

  • DOI - Digital Object Identifier

    10.1007/978-3-662-43862-6_19

Alternative languages

  • Result language

    English

  • Original language name

    Enhancing Network Intrusion Detection by Correlation of Modularly Hashed Sketches

  • Original language description

    The rapid development of network technologies entails an increase in traffic volume and attack count. The associated increase in computational complexity for methods of deep packet inspection has driven the development of behavioral detection methods. These methods distinguish attackers from valid users by measuring how closely their behavior resembles known anomalous behavior. In real-life deployment, an attacker is flagged only on very close resemblance to avoid false positives. However, many attacks can then go undetected. We believe that this problem can be solved by using more detection methods and then correlating their results. These methods can be set to higher sensitivity, and false positives are then reduced by accepting only attacks reported from more sources. To this end we propose a novel sketch-based method that can detect attackers using a correlation of particular anomaly detections.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

    IN - Informatics

  • OECD FORD branch

Result continuities

  • Project

    VF20132015031: Security of Optical Components in Data and Communication Networks

  • Continuities

    P - Research and development project financed from public sources (with a link to CEP)

Others

  • Publication year

    2014

  • Confidentiality

    S - Complete and true data on the project are not subject to protection under special legal regulations

Data specific for result type

  • Article name in the collection

    Monitoring and Securing Virtualized Networks and Services, Lecture Notes in Computer Science, Vol. 8508

  • ISBN

    9783662438619

  • ISSN

    0302-9743

  • e-ISSN

  • Number of pages

    13

  • Pages from-to

    160-172

  • Publisher name

    Springer Berlin Heidelberg

  • Place of publication

    Berlin

  • Event location

    Brno, Masarykova univerzita

  • Event date

    Jan 1, 2014

  • Type of event by nationality

    WRD - Worldwide event

  • UT code for WoS article

    000347615900019