GRANEF: Utilization of a Graph Database for Network Forensics

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F21%3A00121895" target="_blank" >RIV/00216224:14610/21:00121895 - isvavai.cz</a>

Výsledek na webu

<a href="https://www.scitepress.org/PublicationsDetail.aspx?ID=av7edGmfq2Y=" target="_blank" >https://www.scitepress.org/PublicationsDetail.aspx?ID=av7edGmfq2Y=</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.5220/0010581807850790" target="_blank" >10.5220/0010581807850790</a>

Jazyk výsledku

angličtina

Název v původním jazyce

GRANEF: Utilization of a Graph Database for Network Forensics

Popis výsledku v původním jazyce

Understanding the information in captured network traffic, extracting the necessary data, and performing incident investigations are principal tasks of network forensics. The analysis of such data is typically performed by tools allowing manual browsing, filtering, and aggregation or tools based on statistical analyses and visualizations facilitating data comprehension. However, the human brain is used to perceiving the data in associations, which these tools can provide only in a limited form. We introduce a GRANEF toolkit that demonstrates a new approach to exploratory network data analysis based on associations stored in a graph database. In this article, we describe data transformation principles, utilization of a scalable graph database, and data analysis techniques. We then discuss and evaluate our proposed approach using a realistic dataset. Although we are at the beginning of our research, the current results show the great potential of association-based analysis.

Název v anglickém jazyce

GRANEF: Utilization of a Graph Database for Network Forensics

Popis výsledku anglicky

Understanding the information in captured network traffic, extracting the necessary data, and performing incident investigations are principal tasks of network forensics. The analysis of such data is typically performed by tools allowing manual browsing, filtering, and aggregation or tools based on statistical analyses and visualizations facilitating data comprehension. However, the human brain is used to perceiving the data in associations, which these tools can provide only in a limited form. We introduce a GRANEF toolkit that demonstrates a new approach to exploratory network data analysis based on associations stored in a graph database. In this article, we describe data transformation principles, utilization of a scalable graph database, and data analysis techniques. We then discuss and evaluate our proposed approach using a realistic dataset. Although we are at the beginning of our research, the current results show the great potential of association-based analysis.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

—

Návaznosti

R - Projekt Ramcoveho programu EK

Rok uplatnění

2021

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Proceedings of the 18th International Conference on Security and Cryptography

ISBN

9789897585241

ISSN

2184-7711

e-ISSN

—

Počet stran výsledku

6

Strana od-do

785-790

Název nakladatele

SCITEPRESS

Místo vydání

Portugal

Místo konání akce

Portugal

Datum konání akce

1. 1. 2021

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

000720102500082