GRANEF: Utilization of a Graph Database for Network Forensics
Identifikátory výsledku
Kód výsledku v IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F21%3A00121895" target="_blank" >RIV/00216224:14610/21:00121895 - isvavai.cz</a>
Výsledek na webu
<a href="https://www.scitepress.org/PublicationsDetail.aspx?ID=av7edGmfq2Y=" target="_blank" >https://www.scitepress.org/PublicationsDetail.aspx?ID=av7edGmfq2Y=</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.5220/0010581807850790" target="_blank" >10.5220/0010581807850790</a>
Alternativní jazyky
Jazyk výsledku
angličtina
Název v původním jazyce
GRANEF: Utilization of a Graph Database for Network Forensics
Popis výsledku v původním jazyce
Understanding the information in captured network traffic, extracting the necessary data, and performing incident investigations are principal tasks of network forensics. The analysis of such data is typically performed by tools allowing manual browsing, filtering, and aggregation or tools based on statistical analyses and visualizations facilitating data comprehension. However, the human brain is used to perceiving the data in associations, which these tools can provide only in a limited form. We introduce a GRANEF toolkit that demonstrates a new approach to exploratory network data analysis based on associations stored in a graph database. In this article, we describe data transformation principles, utilization of a scalable graph database, and data analysis techniques. We then discuss and evaluate our proposed approach using a realistic dataset. Although we are at the beginning of our research, the current results show the great potential of association-based analysis.
Název v anglickém jazyce
GRANEF: Utilization of a Graph Database for Network Forensics
Popis výsledku anglicky
Understanding the information in captured network traffic, extracting the necessary data, and performing incident investigations are principal tasks of network forensics. The analysis of such data is typically performed by tools allowing manual browsing, filtering, and aggregation or tools based on statistical analyses and visualizations facilitating data comprehension. However, the human brain is used to perceiving the data in associations, which these tools can provide only in a limited form. We introduce a GRANEF toolkit that demonstrates a new approach to exploratory network data analysis based on associations stored in a graph database. In this article, we describe data transformation principles, utilization of a scalable graph database, and data analysis techniques. We then discuss and evaluate our proposed approach using a realistic dataset. Although we are at the beginning of our research, the current results show the great potential of association-based analysis.
Klasifikace
Druh
D - Stať ve sborníku
CEP obor
—
OECD FORD obor
10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)
Návaznosti výsledku
Projekt
—
Návaznosti
R - Projekt Ramcoveho programu EK
Ostatní
Rok uplatnění
2021
Kód důvěrnosti údajů
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Údaje specifické pro druh výsledku
Název statě ve sborníku
Proceedings of the 18th International Conference on Security and Cryptography
ISBN
9789897585241
ISSN
2184-7711
e-ISSN
—
Počet stran výsledku
6
Strana od-do
785-790
Název nakladatele
SCITEPRESS
Místo vydání
Portugal
Místo konání akce
Portugal
Datum konání akce
1. 1. 2021
Typ akce podle státní příslušnosti
WRD - Celosvětová akce
Kód UT WoS článku
000720102500082