Warden 3: Internet Threat Sharing Platform

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F63839172%3A_____%2F16%3A10130709" target="_blank" >RIV/63839172:_____/16:10130709 - isvavai.cz</a>

Výsledek na webu

<a href="http://www.naun.org/main/NAUN/computers/2016/a302007-172.pdf" target="_blank" >http://www.naun.org/main/NAUN/computers/2016/a302007-172.pdf</a>

DOI - Digital Object Identifier

—

Jazyk výsledku

angličtina

Název v původním jazyce

Warden 3: Internet Threat Sharing Platform

Popis výsledku v původním jazyce

For large existing body of automatically detected security events, be it honeypot machines or IDS systems, golden mine of netflow data or log data of production machines, manual distribution is infeasible. The Warden project is a platform for automated sharing detected security events among security teams. Involved parties can expand their own detected threat stream by events from other members, and vastly improve their security threat evasion and knowledge about network health. Clients, connected to Warden, can use incoming data as early warning systems, data mining and analysis engines, reputation databases, blacklist or firewall rule generators or just a data storage pools for history and trend analysis. This paper describes the design and implementation of Warden 3, the fundamental rewrite of previous version, taking advantage of nowadays technologies, using flexible JSON based Intrusion Detection Extensible Alert (IDEA) format, and aiming for robustness and solid performance.

Název v anglickém jazyce

Warden 3: Internet Threat Sharing Platform

Popis výsledku anglicky

For large existing body of automatically detected security events, be it honeypot machines or IDS systems, golden mine of netflow data or log data of production machines, manual distribution is infeasible. The Warden project is a platform for automated sharing detected security events among security teams. Involved parties can expand their own detected threat stream by events from other members, and vastly improve their security threat evasion and knowledge about network health. Clients, connected to Warden, can use incoming data as early warning systems, data mining and analysis engines, reputation databases, blacklist or firewall rule generators or just a data storage pools for history and trend analysis. This paper describes the design and implementation of Warden 3, the fundamental rewrite of previous version, taking advantage of nowadays technologies, using flexible JSON based Intrusion Detection Extensible Alert (IDEA) format, and aiming for robustness and solid performance.

Druh

J_x - Nezařazeno - Článek v odborném periodiku (Jimp, Jsc a Jost)

CEP obor

IN - Informatika

OECD FORD obor

—

Projekt

<a href="/cs/project/LM2010005" target="_blank" >LM2010005: Velká infrastruktura CESNET</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2016

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

International Journal of Computers

ISSN

1998-4308

e-ISSN

—

Svazek periodika

2016

Číslo periodika v rámci svazku

10

Stát vydavatele periodika

GR - Řecká republika

Počet stran výsledku

8

Strana od-do

101-108

Kód UT WoS článku

—

EID výsledku v databázi Scopus

—