MACÁK, Martin, Tomáš REBOK, Matúš ŠTOVČIK, Mouzhi GE, Bruno ROSSI and Barbora BÜHNOVÁ. CopAS: A Big Data Forensic Analytics System. Online. In Proceedings of the 8th International Conference on Internet of Things, Big Data and Security IoTBDS - Volume 1. Setubal, Portugal: SciTePress, 2023, p. 150-161. ISBN 978-989-758-643-9. Available from: https://dx.doi.org/10.5220/0011929000003482.
Basic information
Original name CopAS: A Big Data Forensic Analytics System
Authors MACÁK, Martin (703 Slovakia, guarantor, belonging to the institution), Tomáš REBOK (203 Czech Republic, belonging to the institution), Matúš ŠTOVČIK (703 Slovakia, belonging to the institution), Mouzhi GE (156 China), Bruno ROSSI (380 Italy, belonging to the institution) and Barbora BÜHNOVÁ (203 Czech Republic, belonging to the institution).
Edition Setubal, Portugal, Proceedings of the 8th International Conference on Internet of Things, Big Data and Security IoTBDS - Volume 1, p. 150-161, 12 pp. 2023.
Publisher SciTePress
Other information
Original language English
Type of outcome Proceedings paper
Field of Study 10201 Computer sciences, information science, bioinformatics
Country of publisher Portugal
Confidentiality degree is not subject to a state or trade secret
Publication form electronic version available online
RIV identification code RIV/00216224:14330/23:00130487
Organization unit Faculty of Informatics
ISBN 978-989-758-643-9
ISSN 2184-4976
Doi http://dx.doi.org/10.5220/0011929000003482
UT WoS 001078900300014
Keywords in English Network Security; Network Traffic Analysis; Forensics Analysis; Big Data; Insider Attack Detection
Tags firank_B
Tags International impact, Reviewed
Changed by: RNDr. Pavel Šmerk, Ph.D., učo 3880. Changed: 7/4/2024 22:54.
Abstract
With the advancing digitization of our society, network security has become one of the critical concerns for most organizations. In this paper, we present CopAS, a system targeted at Big Data forensics analysis, allowing network operators to comfortably analyze and correlate large amounts of network data to get insights about potentially malicious and suspicious events. We demonstrate the practical usage of CopAS for insider attack detection on a publicly available PCAP dataset and show how the system can be used to detect insiders hiding their malicious activity in the large amounts of data streams generated during the operations of an organization within the network.
Links
CZ.02.1.01/0.0/0.0/16_019/0000822, internal MU code
(CEP code: EF16_019/0000822)
Name: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur (Acronym: C4e)
Investor: Ministry of Education, Youth and Sports of the CR, CyberSecurity, CyberCrime and Critical Information Infrastructures Center of Excellence, Priority axis 1: Strengthening capacities for high-quality research
EF16_019/0000822, research and development project
Name: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur