Rapid prototyping of flow-based detection methods using complex event processing

机译：使用复杂事件处理的基于流的检测方法的快速原型

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Detection of network attacks is the first step to network security. Many different methods for attack detection were proposed in the past. However, descriptions of these methods are often not complete and it is difficult to verify that the actual implementation matches the description. In this demo paper, we propose to use Complex Event Processing (CEP) for developing detection methods based on network flows. By writing the detection methods in an Event Processing Language (EPL), we can address the above-mentioned problems. The SQL-like syntax of most EPLs is easily readable so the detection method is self-documented. Moreover, it is directly executable in the CEP system, which eliminates inconsistencies between documentation and implementation. The demo will show a running example of a multi-stage HTTP brute force attack detection using Esper and its EPL.

机译：检测网络攻击是网络安全的第一步。过去提出了许多不同的攻击检测方法。但是，这些方法的描述通常不完整，并且很难验证实际实现是否与描述匹配。在本演示文件中，我们建议使用复杂事件处理（CEP）来开发基于网络流的检测方法。通过使用事件处理语言（EPL）编写检测方法，我们可以解决上述问题。大多数EPL的类似SQL的语法都易于阅读，因此检测方法是自记录的。而且，它可以在CEP系统中直接执行，从而消除了文档和实施之间的不一致。该演示将展示使用Esper及其EPL进行多阶段HTTP蛮力攻击检测的运行示例。

著录项

来源
《IEEE/IFIP Network Operations and Management Symposium》|2018年|1-3|共3页
会议地点
作者
Petr Velan; Martin Husák; Daniel Tovarňák;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Security; Monitoring; Engines; Force; Databases; Uniform resource locators; IP networks;

机译：安全性;监视;引擎;强制;数据库;统一资源定位器; IP网络;

相似文献

外文文献
中文文献
专利

1. A Study on The Complex Event Detection Methods Based on Bitmap Index for Stream data Processing [J] . Yong-Mn Park, oung-Hwan Oh Journal of The Institute of Electronics Engineers of Korea . 2011,第4期

机译：基于位图索引的复杂事件检测方法在流数据处理中的研究
2. A quantitative methodology for rapid prototyping and high-level synthesis of signal processing algorithms [J] . Madisetti V.K., Curtis B.A. IEEE Transactions on Signal Processing . 1994,第11期

机译：用于信号处理算法的快速原型制作和高级综合的定量方法
3. A Comparative Study of Product DevelopmentProcess Using Computer Numerical Controland Rapid Prototyping Methods [J] . O. M. Oduola, F. O. Omole, K. J. Akinluwade, Current Journal of Applied Science and Technology . 2014,第30期

机译：计算机数控与快速成型方法对产品开发过程的比较研究
4. Rapid prototyping of flow-based detection methods using complex event processing [C] . Petr Velan, Martin Husák, Daniel Tovarňák IEEE/IFIP Network Operations and Management Symposium . 2018

机译：复杂事件处理的基于流动检测方法的快速原型设计
5. Data -driven self -improving fault detection and diagnosis methodologies in complex manufacturing process [D] . Jin, Nong. 2006

机译：复杂制造过程中数据驱动的自我改进故障检测与诊断方法
6. Vaginal swab specimen processing methods influence performance of rapid semen detection tests: A cautionary tale [O] . Marcia M. Hobbs, Markus J. Steiner, Kimberly D. Rich, -1

机译：阴道拭子样本加工方法对快速精液检测测试的性能影响：警示故事
7. Rapid prototyping of flow-based detection methods using complex event processing [O] . Petr Velan, Martin Husak, Daniel Tovarnak 2018

机译：复杂事件处理的基于流动检测方法的快速原型设计

Rapid prototyping of flow-based detection methods using complex event processing

摘要

著录项

相似文献

相关主题

期刊订阅