%0 Conference Proceedings
%T Detecting Advanced Network Threats Using a Similarity Search
%+ Masaryk University [Brno] (MUNI)
%A Čermák, Milan
%A Čeleda, Pavel
%Z Part 4: PhD Student Workshop — Security Management
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 10th IFIP International Conference on Autonomous Infrastructure, Management and Security (AIMS)
%C Munich, Germany
%Y Rémi Badonnel
%Y Robert Koch
%Y Aiko Pras
%Y Martin Drašar
%Y Burkhard Stiller
%I Springer International Publishing
%3 Management and Security in the Age of Hyperconnectivity
%V LNCS-9701
%P 137-141
%8 2016-06-20
%D 2016
%R 10.1007/978-3-319-39814-3_14
%K Similarity search
%K Network data
%K Classification
%K Network threats
%Z Computer Science [cs]
%Z Computer Science [cs]/Networking and Internet Architecture [cs.NI]
%X In this paper, we propose a novel approach for the detection of advanced network threats. We combine knowledge-based detections with similarity search techniques commonly utilized for automated image annotation. This unique combination could provide effective detection of common network anomalies together with their unknown variants. In addition, it offers a similar approach to network data analysis as a security analyst does. Our research is focused on understanding the similarity of anomalies in network traffic and their representation within complex behaviour patterns. This will lead to a proposal of a system for the real-time analysis of network data based on similarity. This goal should be achieved within a period of three years as a part of a PhD thesis.
%G English
%Z TC 6
%Z WG 6.6
%2 https://inria.hal.science/hal-01632739/document
%2 https://inria.hal.science/hal-01632739/file/385745_1_En_14_Chapter.pdf
%L hal-01632739
%U https://inria.hal.science/hal-01632739
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-TC6
%~ IFIP-AIMS
%~ IFIP-WG6-6
%~ IFIP-LNCS-9701