Network events correlation for federated networks protection system

Authors:
Michał Choras;Rafał Kozik;Rafał Piotrowski;Juliusz Brzostek;Witold Hołubowicz
Affiliations:
ITTI Ltd., Poznan and Institute of Telecommunications, UT&LS Bydgoszcz, Poland;ITTI Ltd., Poznan and Institute of Telecommunications, UT&LS Bydgoszcz, Poland;Military Communication Institute, Zegrze, Poland;NASK, Warsaw, Poland;ITTI Ltd., Poznan, Poland and Adam Mickiewicz University, Poznan
Venue:
ServiceWave'11 Proceedings of the 4th European conference on Towards a service-based internet
Year:
2011

Citing 2
Cited 0

Enabling technology for knowledge sharing

AI Magazine
Statistical and signal-based network traffic recognition for anomaly detection

Expert Systems: The Journal of Knowledge Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper a concept and an architecture of the Federated Networks Protection System (FNPS) is proposed. The system components are described and, particularly, the Decision Module (FNPS-DM) is discussed. The major contributions of the paper are: concept of federated networks security, the proposition of the network events correlation approach and semantic notations aimed at detecting complex cyber attacks and 0-day exploits. Moreover P2P based communication between federated networks is proposed.