| KRMÍČEK, Vojtěch, Jan VYKOPAL, Tomáš PLESNÍK, Andrej RUŽIČKA, Pavel ČELEDA and Michal TRUNEČKA. NetFlow-based NAT detection module. 2009. |
|
Other formats:
BibTeX
LaTeX
RIS
|
| Basic information | |
|---|---|
| Original name | NetFlow-based NAT detection module |
| Name in Czech | Modul detekce NAT pomocí NetFlow |
| Authors | KRMÍČEK, Vojtěch (203 Czech Republic, belonging to the institution), Jan VYKOPAL (203 Czech Republic, guarantor, belonging to the institution), Tomáš PLESNÍK (203 Czech Republic, belonging to the institution), Andrej RUŽIČKA (703 Slovakia, belonging to the institution), Pavel ČELEDA (203 Czech Republic, belonging to the institution) and Michal TRUNEČKA (203 Czech Republic, belonging to the institution). |
| Edition | 2009. |
| Other information | |
|---|---|
| Original language | English |
| Type of outcome | Software |
| Field of Study | 10201 Computer sciences, information science, bioinformatics |
| Country of publisher | Czech Republic |
| Confidentiality degree | is not subject to a state or trade secret |
| RIV identification code | RIV/00216224:14610/09:00040916 |
| Organization unit | Institute of Computer Science |
| Keywords (in Czech) | NAT; NetFlow; detekce průniků |
| Keywords in English | NAT; NetFlow; intrusion detection |
| Technical parameters | Odpovědná osoba: Eva Janouškovcová, Masarykova univerzita, Centrum pro transfer technologií, Žerotínovo nám. 9, 601 77 Brno, tel.: +420 549 49 8016, e-mail: ctt@ctt.muni.cz |
| Tags | intrusion detection, NAT, netflow |
| Tags | International impact |
| Changed by | Changed by: doc. Ing. Pavel Čeleda, Ph.D., učo 206086. Changed: 9/3/2013 21:32. |
| Abstract |
|---|
| Netflow-based NAT detection module consists of five detection methods that process extended NetFlow data (IPid, TTL, PortSequences, SubnetTTL and TCP_SYN) and aggregator. Each of detection method produces a list of IP addresses and uncertainty of NAT behind the given IP address. The aggregator evalutes and correlates these outputs and produces total uncertainty of NAT behind the given IP addres. |
| Abstract (in Czech) |
|---|
| Modul detekce NAT pomocí NetFlow sestává z pěti detekčních metod, které zpracovávají rozšířená NetFlow data (IPid, TTL, PortSequences, SubnetTTL and TCP_SYN) a agregátoru. Každá z detekčních metod dává na výstup neurčitost s jakou je za danou IP adresou zařízení zajišťující NAT. Agregátor vyhodnocuje výstupy těchto jednotlivých metod a na výstup dává celkovou neurčitost s jakou je za danou IP adresou NAT. |
| Links | |
|---|---|
| OVMASUN200801, research and development project | Name: CYBER ? Bezpečnost informačních a komunikačních systémů AČR - on line monitorování, vizualizace a filtrace paketů. Rozvoj schopností Computer Incident Response Capability v prostředí Cyber Defence. (Acronym: CYBER) |
| Investor: Ministry of Defence of the CR, CYBER - Security of Czech Army Information and Communication Systems - On-line Monitoring, Visualization and Packet Filtration. Computer Incident Response Capability Development in the Cyber Defence Environment | |
PrintDisplayed: 18/8/2024 08:27