Network and Topology Models to Support IDS Event Processing

Cited by: 1
Authors
Kippe, Joerg [1]
Pfrang, Steffen [1]
Affiliation
[1] Fraunhofer IOSB, Fraunhoferstr 1, D-76131 Karlsruhe, Germany
Keywords
Intrusion Detection; Network Modeling; Network Awareness; YANG
DOI
10.5220/0006189403720379
Chinese Library Classification (CLC) number
TP [Automation Technology, Computer Technology]
Discipline classification code
0812
Abstract
This paper describes our work on network models to provide awareness to the process of correlating network security alerts as well as to support the asset assessment process within the security analysis of IT infrastructures. Various means of discovery methods mostly known from network management are used to discover nodes, their properties as well as the links connecting the nodes and building a network. Our implementation is based on existing open source components which have been integrated together and are using an information model according to proposed open standards.
Pages: 372 - 379
Number of pages: 8
Related papers
50 in total
  • [1] Towards Requirements for Event Processing Network Models
    Koschel, Arne
    Astrova, Irina
    Kobert, Sebastian
    Naumann, Jan
    Ruhe, Tobias
    Starodubtsev, Oleg
    [J]. 2017 8TH INTERNATIONAL CONFERENCE ON INFORMATION, INTELLIGENCE, SYSTEMS & APPLICATIONS (IISA), 2017, : 248 - 253
  • [2] On Requirements for Event Processing Network Models Using Business Event Modeling Notation
    Koschel, Arne
    Astrova, Irina
    Kobert, Sebastian
    Naumann, Jan
    Ruhe, Tobias
    Starodubtsev, Oleg
    [J]. INTELLIGENT COMPUTING, VOL 1, 2019, 858 : 756 - 762
  • [3] Design of Complex Event-Processing IDS in Internet of Things
    Jun, Chen
    Chi, Chen
    [J]. 2014 SIXTH INTERNATIONAL CONFERENCE ON MEASURING TECHNOLOGY AND MECHATRONICS AUTOMATION (ICMTMA), 2014, : 230 - 233
  • [4] Construction and Updating of Event Models in Auditory Event Processing
    Huff, Markus
    Maurer, Annika E.
    Brich, Irina
    Pagenkopf, Anne
    Wickelmaier, Florian
    Papenmeier, Frank
    [J]. JOURNAL OF EXPERIMENTAL PSYCHOLOGY-LEARNING MEMORY AND COGNITION, 2018, 44 (02) : 307 - 320
  • [5] A Specification-Based IDS for Detecting Attacks on RPL-Based Network Topology
    Le, Anhtuan
    Loo, Jonathan
    Chai, Kok Keong
    Aiash, Mahdi
    [J]. INFORMATION, 2016, 7 (02)
  • [6] Event-driven network topology monitoring function
    Chao, W
    Tsun, W
    [J]. IBM SYSTEMS JOURNAL, 1996, 35 (01) : 25 - 36
  • [7] Adaptive topology protocol for network game support
    Lomov, VA
    Shoja, GC
    [J]. 2003 IEEE PACIFIC RIM CONFERENCE ON COMMUNICATIONS, COMPUTERS, AND SIGNAL PROCESSING, VOLS 1 AND 2, CONFERENCE PROCEEDINGS, 2003, : 21 - 24
  • [8] Semantic Complex Event Processing for Decision Support
    Keskisarkka, Robin
    [J]. SEMANTIC WEB - ISWC 2014, PT II, 2014, 8797 : 529 - 536
  • [9] An IEC 61850 synchronised event logger for substation topology processing
    Liu Y.
    Zivanovic R.
    Al-Sarawi S.
    [J]. Australian Journal of Electrical and Electronics Engineering, 2010, 7 (03): : 225 - 232
  • [10] Practical IDS on In-vehicle Network Against Diversified Attack Models
    Xiao, Junchao
    Wu, Hao
    Li, Xiangxue
    Yuan, Linghu
    [J]. ALGORITHMS AND ARCHITECTURES FOR PARALLEL PROCESSING, ICA3PP 2019, PT II, 2020, 11945 : 456 - 466