System for Continuous Collection of Contextual Information for Network Security Management and Incident Handling

The result's identifiers

  • Result code in IS VaVaI

    RIV/00216224:14610/21:00122049 - isvavai.cz (https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F21%3A00122049)

  • Result on the web

    https://dl.acm.org/doi/abs/10.1145/3465481.3470037

  • DOI - Digital Object Identifier

    10.1145/3465481.3470037 (http://dx.doi.org/10.1145/3465481.3470037)

Alternative languages

  • Result language

    English

  • Original language name

    System for Continuous Collection of Contextual Information for Network Security Management and Incident Handling

  • Original language description

    In this paper, we describe a system for the continuous collection of data for the needs of network security management. When a cybersecurity incident occurs in the network, the contextual information on the involved assets facilitates estimating the severity and impact of the incident and selecting an appropriate incident response. We propose a system based on the combination of active and passive network measurements and the correlation of the data with third-party systems. The system enumerates devices and services in the network and their vulnerabilities via fingerprinting of operating systems and applications. Further, the system pairs the hosts in the network with contacts for the responsible administrators and highlights critical infrastructure and its dependencies. The system concentrates all the information required for common incident handling procedures and aims to speed up incident response, reduce the time spent on manual investigation, and prevent errors caused by negligence or lack of information.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

  • OECD FORD branch

    10200 - Computer and information sciences

Result continuities

  • Project

    EF16_019/0000822: CyberSecurity, CyberCrime and Critical Information Infrastructures Center of Excellence

  • Continuities

    P - Research and development project financed from public funds (with a link to CEP)

Others

  • Publication year

    2021

  • Confidentiality

    S - Complete and true data on the project are not subject to protection under special legal regulations

Data specific for result type

  • Article name in the collection

    ARES 2021: The 16th International Conference on Availability, Reliability and Security

  • ISBN

    9781450390514

  • ISSN

  • e-ISSN

  • Number of pages

    8

  • Pages from-to

    1-8

  • Publisher name

    Association for Computing Machinery

  • Place of publication

    Virtual Event

  • Event location

    Virtual Event

  • Event date

    Aug 17, 2021

  • Type of event by nationality

    WRD - Worldwide event

  • UT code for WoS article

    000749539200084