NERD: Network Entity Reputation Database
Result identifiers
Result code in IS VaVaI
RIV/63839172:_____/19:10133165 (https://www.isvavai.cz/riv?ss=detail&h=RIV%2F63839172%3A_____%2F19%3A10133165)
Result on the web
https://dl.acm.org/doi/10.1145/3339252.3340512
DOI - Digital Object Identifier
10.1145/3339252.3340512 (http://dx.doi.org/10.1145/3339252.3340512)
Alternative languages
Result language
English
Title in the original language
NERD: Network Entity Reputation Database
Result description in the original language
We present an open database of known malicious entities on the internet called Network Entity Reputation Database. It gathers alerts from a large number of diverse security monitoring tools and other sources and keeps detailed information about all network entities (IP addresses, ASNs, domain names, etc.) which have been reported as malicious. It also adds other related data from a multitude of sources, like whois registries, blacklists or geolocation databases. Due to the large amount, diversity and volatility of such data, creation of such a database system is not trivial. In the paper we describe the data model, system architecture and technologies used, as well as some statistics from the pilot deployment of the system. We operate the database as a free service for the cyber security community to help with prevention, defense, investigation of incidents as well as research and believe it will become a valuable contribution to the family of existing open cyber threat intelligence platforms.
Title in English
NERD: Network Entity Reputation Database
Result description in English
We present an open database of known malicious entities on the internet called Network Entity Reputation Database. It gathers alerts from a large number of diverse security monitoring tools and other sources and keeps detailed information about all network entities (IP addresses, ASNs, domain names, etc.) which have been reported as malicious. It also adds other related data from a multitude of sources, like whois registries, blacklists or geolocation databases. Due to the large amount, diversity and volatility of such data, creation of such a database system is not trivial. In the paper we describe the data model, system architecture and technologies used, as well as some statistics from the pilot deployment of the system. We operate the database as a free service for the cyber security community to help with prevention, defense, investigation of incidents as well as research and believe it will become a valuable contribution to the family of existing open cyber threat intelligence platforms.
Classification
Type
D - Article in proceedings
CEP field
—
OECD FORD field
10201 - Computer sciences, information science, bioinformatics (hardware development to be 2.2, social aspect to be 5.8)
Result linkages
Project
The result was created during the realization of more than one project. More information in the Projects tab.
Linkages
P - Research and development project financed from public funds (with a link to CEP)
Other
Year of implementation
2019
Data confidentiality code
S - Complete and true data on the project are not subject to protection under special legal regulations
Data specific to the result type
Title of the article in the proceedings
Proceedings of the 14th International Conference on Availability, Reliability and Security
ISBN
978-1-4503-7164-3
ISSN
—
e-ISSN
—
Number of pages
7
Pages from-to
1-7
Publisher name
ACM
Place of publication
New York, NY, USA
Event location
Canterbury, United Kingdom
Event date
26. 8. 2019
Event type by nationality
WRD - Worldwide event
UT WoS code of the article
—