A Scalable Architecture for Network Traffic Forensics

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F19%3APU135005" target="_blank" >RIV/00216305:26230/19:PU135005 - isvavai.cz</a>

Výsledek na webu

<a href="https://www.fit.vut.cz/research/publication/11927/" target="_blank" >https://www.fit.vut.cz/research/publication/11927/</a>

DOI - Digital Object Identifier

—

Jazyk výsledku

angličtina

Název v původním jazyce

A Scalable Architecture for Network Traffic Forensics

Popis výsledku v původním jazyce

Availability of high-speed Internet enables new opportunities for various cybercrime activities. Security administrators and LEA (Law Enforcement Agency) officers call for powerful tools capable of providing network communication analysis of an enormous amount of network traffic moreover, capable of analyzing an incomplete network data.  Big data technologies were considered to implement tools for capturing, processing and storing packet traces representing network communication. Often, these systems are resource intensive requiring a significant amount of memory, computing power, and disk space. Presented paper describes a novel approach to real-time network traffic processing implemented in a distributed environment. The key difference to most existing systems is that the system is based on a light-weight actor model. The whole processing pipeline is represented in terms of actor nodes that can run in parallel. Also, actor-model offers a solution that is highly configurable and scalable.  The preliminary evaluation of a prototype implementation supports these general statements.

Název v anglickém jazyce

A Scalable Architecture for Network Traffic Forensics

Popis výsledku anglicky

Availability of high-speed Internet enables new opportunities for various cybercrime activities. Security administrators and LEA (Law Enforcement Agency) officers call for powerful tools capable of providing network communication analysis of an enormous amount of network traffic moreover, capable of analyzing an incomplete network data.  Big data technologies were considered to implement tools for capturing, processing and storing packet traces representing network communication. Often, these systems are resource intensive requiring a significant amount of memory, computing power, and disk space. Presented paper describes a novel approach to real-time network traffic processing implemented in a distributed environment. The key difference to most existing systems is that the system is based on a light-weight actor model. The whole processing pipeline is represented in terms of actor nodes that can run in parallel. Also, actor-model offers a solution that is highly configurable and scalable.  The preliminary evaluation of a prototype implementation supports these general statements.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

—

Návaznosti

S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2019

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

The Fifteenth International Conference on Networking and Services ICNS 2019

ISBN

978-1-61208-711-5

ISSN

—

e-ISSN

—

Počet stran výsledku

5

Strana od-do

32-36

Název nakladatele

The International Academy, Research and Industry Association

Místo vydání

Athens

Místo konání akce

Athens

Datum konání akce

2. 6. 2019

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—