Evaluating Reputation of Internet Entities

被引：3

作者：

Bartos, Vaclav ^{[1
,2
]}

Korenek, Jan ^{[1
]}

机构：

[1] Brno Univ Technol, Fac Informat Technol, Brno, Czech Republic

[2] CESNET Ale, Prague, Czech Republic

来源：

MANAGEMENT AND SECURITY IN THE AGE OF HYPERCONNECTIVITY, AIMS 2016 | 2016年 / 9701卷

关键词：

D O I：

10.1007/978-3-319-39814-3_13

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Security monitoring tools, such as honeypots, IDS, behavioral analysis or anomaly detection systems, generate large amounts of security events or alerts. These alerts are often shared within some communities using various alert sharing systems. Our research is focused on analysis of the huge amount of data present in these systems. In this work we focus on summarizing all alerts and other information known about a network entity into a measure called reputation score expressing the level of threat the entity poses. Computation of the reputation score is based on estimating probability of future attacks caused by the entity.

引用

页码：132 / 136

页数：5

共 9 条

[1] Bartos V, 2014, IEEE INT WORKSH COMP, P305, DOI 10.1109/CAMAD.2014.7033255
[2] Bartos Vaclav, 2016, 12016 CESNET
[3] ENISA, 2014, STAND TOOLS EXCH PRO
[4] Can we identify NAT behavior by analyzing Traffic Flows?
Gokcen, Yasemin
Foroushani, Vahid Aghaei
Zincir-Heywood, A. Nur
[J]. 2014 IEEE SECURITY AND PRIVACY WORKSHOPS (SPW 2014), 2014, : 132 - 139
[5] Long Vu, 2014, ACM SIGMETRICS Performance Evaluation Review, V42, P587, DOI 10.1145/2591971.2592034
[6] Moreira Moura G.C., THESIS
[7] Moreira Moura G.C., 2015, 14 INT C NETW MAY
[8] Moreira Moura G.C., 2014, NETW OP MAN S NOMS M, P1
[9] Abnormally Malicious Autonomous Systems and Their Internet Connectivity
Shue, Craig A.
Kalafut, Andrew J.
Gupta, Minaxi
[J]. IEEE-ACM TRANSACTIONS ON NETWORKING, 2012, 20 (01) : 220 - 230

← 1 →