Authors: Milan Cermak and Denisa Sramkova

Affiliation: Institute of Computer Science, Masaryk University, Brno, Czech Republic

Keyword(s): Network Forensics, Graph Database, Dgraph, Zeek, Association-based Analysis.

Abstract: Understanding the information in captured network traffic, extracting the necessary data, and performing incident investigations are principal tasks of network forensics. The analysis of such data is typically performed by tools allowing manual browsing, filtering, and aggregation or tools based on statistical analyses and visualizations facilitating data comprehension. However, the human brain is used to perceiving the data in associations, which these tools can provide only in a limited form. We introduce a GRANEF toolkit that demonstrates a new approach to exploratory network data analysis based on associations stored in a graph database. In this article, we describe data transformation principles, utilization of a scalable graph database, and data analysis techniques. We then discuss and evaluate our proposed approach using a realistic dataset. Although we are at the beginning of our research, the current results show the great potential of association-based analysis.

CC BY-NC-ND 4.0

Paper citation in several formats:
Cermak, M. and Sramkova, D. (2021). GRANEF: Utilization of a Graph Database for Network Forensics. In Proceedings of the 18th International Conference on Security and Cryptography - SECRYPT; ISBN 978-989-758-524-1; ISSN 2184-7711, SciTePress, pages 785-790. DOI: 10.5220/0010581807850790

@conference{secrypt21,
author={Milan Cermak and Denisa Sramkova},
title={GRANEF: Utilization of a Graph Database for Network Forensics},
booktitle={Proceedings of the 18th International Conference on Security and Cryptography - SECRYPT},
year={2021},
pages={785-790},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010581807850790},
isbn={978-989-758-524-1},
issn={2184-7711},
}

TY - CONF
JO - Proceedings of the 18th International Conference on Security and Cryptography - SECRYPT
TI - GRANEF: Utilization of a Graph Database for Network Forensics
SN - 978-989-758-524-1
IS - 2184-7711
AU - Cermak, M.
AU - Sramkova, D.
PY - 2021
SP - 785
EP - 790
DO - 10.5220/0010581807850790
PB - SciTePress