Abstract

Philipp Meyer, Raphael Hiesgen, Thomas C. Schmidt, Marcin Nawrocki, Matthias Wählisch,
Towards Distributed Threat Intelligence in Real-Time,
In: Proceedings of SIGCOMM Posters and Demos '17, Demo Session, ACM : New York, NY, USA, August 2017.
[pdf][BibTeX][Abstract]

Abstract: In this demo, we address the problem of detecting anomalies on the Internet backbone in near real-time. Many of today's incidents may only become visible from inspecting multiple data sources and by considering multiple vantage points simultaneously. We present a setup based on the distributed forensic platform VAST that was extended to import various data streams from passive measurements and incident reporting at multiple locations, and perform an effective correlation analysis shortly after the data becomes exposed to our queries.

Themes: Network Security

 


This page generated by bibTOhtml on Wed 1 Apr 00:05:04 CEST 2020