CopAS: A Big Data Forensic Analytics System

D 2023

CopAS: A Big Data Forensic Analytics System

MACÁK, Martin; Tomáš REBOK; Matúš ŠTOVČIK; Mouzhi GE; Bruno ROSSI et. al.

Basic information

Original name

CopAS: A Big Data Forensic Analytics System

Authors

MACÁK, Martin (703 Slovakia, guarantor, belonging to the institution); Tomáš REBOK (203 Czech Republic, belonging to the institution); Matúš ŠTOVČIK (703 Slovakia, belonging to the institution); Mouzhi GE (156 China); Bruno ROSSI (380 Italy, belonging to the institution) and Barbora BÜHNOVÁ (203 Czech Republic, belonging to the institution)

Edition

Setubal, Portugal, Proceedings of the 8th International Conference on Internet of Things, Big Data and Security IoTBDS - Volume 1, p. 150-161, 12 pp. 2023

Publisher

SciTePress

Other information

Language

English

Type of outcome

Proceedings paper

Field of Study

10201 Computer sciences, information science, bioinformatics

Country of publisher

Portugal

Confidentiality degree

is not subject to a state or trade secret

Publication form

electronic version available online

References:

URL

RIV identification code

RIV/00216224:14330/23:00130487

Organization unit

Faculty of Informatics

ISBN

978-989-758-643-9

ISSN

DOI

http://dx.doi.org/10.5220/0011929000003482

UT WoS

001078900300014

EID Scopus

2-s2.0-85160726182

Keywords in English

Network Security; Network Traffic Analysis; Forensics Analysis; Big Data; Insider Attack Detection

Abstract

In the original language

With the advancing digitization of our society, network security has become one of the critical concerns for most organizations. In this paper, we present CopAS, a system targeted at Big Data forensics analysis, allowing network operators to comfortably analyze and correlate large amounts of network data to get insights about potentially malicious and suspicious events. We demonstrate the practical usage of CopAS for insider attack detection on a publicly available PCAP dataset and show how the system can be used to detect insiders hiding their malicious activity in the large amounts of data streams generated during the operations of an organization within the network.

Links

CZ.02.1.01/0.0/0.0/16_019/0000822, interní kód MU
(CEP code: EF16_019/0000822)

Name: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur (Acronym: C4e)

Investor: Ministry of Education, Youth and Sports of the CR, CyberSecurity, CyberCrime and Critical Information Infrastructures Center of Excellence, Priority axis 1: Strengthening capacities for high-quality research

EF16_019/0000822, research and development project

Name: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur

Cite

MACÁK, Martin; Tomáš REBOK; Matúš ŠTOVČIK; Mouzhi GE; Bruno ROSSI and Barbora BÜHNOVÁ. CopAS: A Big Data Forensic Analytics System. Online. In Proceedings of the 8th International Conference on Internet of Things, Big Data and Security IoTBDS - Volume 1. Setubal, Portugal: SciTePress, 2023, p. 150-161. ISBN 978-989-758-643-9. Available from: https://dx.doi.org/10.5220/0011929000003482.

@inproceedings{2269259,
   author = {Macák, Martin and Rebok, Tomáš and Štovčik, Matúš and Ge, Mouzhi and Rossi, Bruno and Bühnová, Barbora},
   address = {Setubal, Portugal},
   booktitle = {Proceedings of the 8th International Conference on Internet of Things, Big Data and Security IoTBDS - Volume 1},
   doi = {http://dx.doi.org/10.5220/0011929000003482},
   keywords = {Network Security; Network Traffic Analysis; Forensics Analysis; Big Data; Insider Attack Detection},
   howpublished = {elektronická verze "online"},
   language = {eng},
   location = {Setubal, Portugal},
   isbn = {978-989-758-643-9},
   pages = {150-161},
   publisher = {SciTePress},
   title = {CopAS: A Big Data Forensic Analytics System},
   url = {https://www.scitepress.org/PublicationsDetail.aspx?ID=umluZcUjShA=&t=1},
   year = {2023}
}

TY  - CONF
ID  - 2269259
AU  - Macák, Martin - Rebok, Tomáš - Štovčik, Matúš - Ge, Mouzhi - Rossi, Bruno - Bühnová, Barbora
PY  - 2023
TI  - CopAS: A Big Data Forensic Analytics System
PB  - SciTePress
CY  - Setubal, Portugal
SN  - 9789897586439
KW  - Network Security
KW  - Network Traffic Analysis
KW  - Forensics Analysis
KW  - Big Data
KW  - Insider Attack Detection
UR  - https://www.scitepress.org/PublicationsDetail.aspx?ID=umluZcUjShA=&t=1
N2  - With the advancing digitization of our society, network security has become one of the critical concerns for most organizations. In this paper, we present CopAS, a system targeted at Big Data forensics analysis, allowing network operators to comfortably analyze and correlate large amounts of network data to get insights about potentially malicious and suspicious events. We demonstrate the practical usage of CopAS for insider attack detection on a publicly available PCAP dataset and show how the system can be used to detect insiders hiding their malicious activity in the large amounts of data streams generated during the operations of an organization within the network.
ER  -

MACÁK, Martin; Tomáš REBOK; Matúš ŠTOVČIK; Mouzhi GE; Bruno ROSSI and Barbora BÜHNOVÁ. CopAS: A Big Data Forensic Analytics System. Online. In \textit{Proceedings of the 8th International Conference on Internet of Things, Big Data and Security IoTBDS - Volume 1}. Setubal, Portugal: SciTePress, 2023, p.~150-161. ISBN~978-989-758-643-9. Available from: https://dx.doi.org/10.5220/0011929000003482.

Přehled o publikaci