Result detail

On the Identification of Applications from Captured Network Traffic

PLUSKAL, J.; RYŠAVÝ, O.; MATOUŠEK, P. On the Identification of Applications from Captured Network Traffic. New York: 2016. 15 p.
Type
presentation, poster
Language
English
Authors
Abstract

Digital forensics uses hashing as a tool to ensure data integrity and to detect known objects. Detecting known communication is more complicated, as each data transfer contains specific and temporary characteristics, e.g., IP addresses, sequence numbers, and checksums. In network security, anomalous or dangerous communication is identified by applying methods of traffic classification. In this presentation, we revisit the methods for traffic classification to determine an approach that can be applied to the problem of distinguishing traffic into known and suspect. Such classification can reduce the amount of information that needs to be analyzed by the forensic specialist during the investigation.

Keywords

cyber forensics, cyber security, intrusion detection system, metadata, traffic classification

URL
Year
2016
Pages
15
Conference
8th International Conference on Digital Forensics & Cyber Crime
Location
New York
BibTeX
@misc{BUT133042,
  author="Jan {Pluskal} and Ondřej {Ryšavý} and Petr {Matoušek}",
  title="On the Identification of Applications from Captured Network Traffic",
  year="2016",
  pages="15",
  address="New York",
  url="https://prezi.com/wnxlghgkocti"
}
Projects
Research of Advanced ICT Methods and Their Applications, VUT, VUT internal projects, FIT-S-14-2299, start: 2014-01-01, end: 2016-12-31, completed
Research groups
Departments