Other formats:
BibTeX
LaTeX
RIS
@misc{1114536,
  author = {Kácha, Pavel and Kropáčová, Andrea and Vykopal, Jan},
  keywords = {CSIRT; security incident; netflow; network anomaly; IDS},
  title = {WARDEN: realtime sharing of detected threats between CSIRT teams},
  url = {http://reg.first.org/papers/Files/c10e9342-540c-4010-9f7a-4797f3a1c454/FIRST13_Warden_slides_ph_1.pdf},
  year = {2013}
}
TY  - GEN
ID  - 1114536
AU  - Kácha, Pavel
AU  - Kropáčová, Andrea
AU  - Vykopal, Jan
PY  - 2013
TI  - WARDEN: realtime sharing of detected threats between CSIRT teams
KW  - CSIRT
KW  - security incident
KW  - netflow
KW  - network anomaly
KW  - IDS
UR  - http://reg.first.org/papers/Files/c10e9342-540c-4010-9f7a-4797f3a1c454/FIRST13_Warden_slides_ph_1.pdf
N2  - The Warden project is a sharing platform for detected security events, whose characteristics can be watched and used by members of the network for evading possible security threats. There exists a large body of automatically detected security events, be it honeypot machines or IDS systems at campuses, golden mine of netflow data or dictionary attacks from log data of production machines. Manual distribution of these events is laborious and generates further work which the team is usually not able to cover, causing distortion, losses and unneeded delays. In our CESNET2 national research and educational network, we attempted to solve these dilemmas by designing the Warden – open early warning system, which enables security teams to proactively and efficiently share and use information relating to detected network and service anomalies that had been generated by various systems.
ER  -
KÁCHA, Pavel, Andrea KROPÁČOVÁ and Jan VYKOPAL. \textit{WARDEN: realtime sharing of detected threats between CSIRT teams}. 2013.