Toward Real-time Network-wide Cyber Situational Awareness

Authors JIRSÍK Tomáš, ČELEDA Pavel

Year of publication 2018
Type Article in Proceedings
Conference NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium
MU Faculty or unit Institute of Computer Science

Web https://ieeexplore.ieee.org/abstract/document/8406166/
Doi http://dx.doi.org/10.1109/NOMS.2018.8406166
Keywords cyber; situation awareness; real-time; Stream4Flow
Description In today's complex computer networks, we are constantly facing a risk of data loss, system compromise, or intellectual property theft. The complexity of the networks hinders their effective defense. A Network-wide Cyber Situational Awareness (NwCSA) has been introduced to assist a network security administrator with network security. The concept, however, faces several challenges that hinder an efficient application of the NwCSA in a real-world environment. The challenges include the overload of raw data, low speed of reaction, and a lack of context and unified view on a network. In this paper, we present a novel framework that faces the above-mentioned challenges. The framework leverages a distributed data stream processing system and methods for real-time big data processing. The framework is evaluated with respect to stated requirements on systems for NwCSA. Moreover, we present a prototype framework implementation and provide lessons learned from its real-world deployment.