Towards Distributed Threat Intelligence in Real-Time
| Title | Towards Distributed Threat Intelligence in Real-Time |
| Publication Type | Conference Paper |
| Year of Publication | 2017 |
| Authors | Meyer, Philipp, Hiesgen, Raphael, Schmidt, Thomas C., Nawrocki, Marcin, Wählisch, Matthias |
| Conference Name | Proceedings of the SIGCOMM Posters and Demos |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-5057-0 |
| Keywords | Human Behavior, Internet security, Metrics, network forensic, pubcrawl, resilience, Resiliency, threat detection, threat mitigation |
| Abstract | In this demo, we address the problem of detecting anomalies on the Internet backbone in near real-time. Many of today's incidents may only become visible from inspecting multiple data sources and by considering multiple vantage points simultaneously. We present a setup based on the distributed forensic platform VAST that was extended to import various data streams from passive measurements and incident reporting at multiple locations, and perform an effective correlation analysis shortly after the data becomes exposed to our queries. |
| URL | https://dl.acm.org/citation.cfm?doid=3123878.3131992 |
| DOI | 10.1145/3123878.3131992 |
| Citation Key | meyer_towards_2017 |