Network and Topology Models to Support IDS Event Processing

Jörg Kippe; Steffen Pfrang

doi:10.5220/0006189403720379

Network and Topology Models to Support IDS Event Processing

Jörg Kippe, Steffen Pfrang

2017

Abstract

This paper describes our work on network models to provide awareness to the process of correlating network security alerts as well as to support the asset assessment process within the security analysis of IT infrastructures. Various means of discovery methods mostly known from network management are used to discover nodes, their properties as well as the links connecting the nodes and building a network. Our implementation is based on existing open source components which have been integrated together and are using an information model according to proposed open standards.

Download

Paper Citation

in Harvard Style

Kippe J. and Pfrang S. (2017). Network and Topology Models to Support IDS Event Processing . In Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-209-7, pages 372-379. DOI: 10.5220/0006189403720379

in Bibtex Style

@conference{icissp17,
author={Jörg Kippe and Steffen Pfrang},
title={Network and Topology Models to Support IDS Event Processing},
booktitle={Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2017},
pages={372-379},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006189403720379},
isbn={978-989-758-209-7},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Network and Topology Models to Support IDS Event Processing
SN - 978-989-758-209-7
AU - Kippe J.
AU - Pfrang S.
PY - 2017
SP - 372
EP - 379
DO - 10.5220/0006189403720379