Václav Bartoš scite author profile

Václav Bartoš

5Publications

78Citation Statements Received

158Citation Statements Given

How they've been cited

198

How they cite others

157

Affiliations

Czech Education and Scientific Network, Brno University of Technology

Publications

Order By: Most citations

Towards real-time intrusion detection for NetFlow and IPFIX

Hofstede

Bartoš

Sperotto

et al. 2013

View full text Add to dashboard Cite

DDoS attacks bring serious economic and technical damage to networks and enterprises. Timely detection and mitigation are therefore of great importance. However, when flow monitoring systems are used for intrusion detection, as it is often the case in campus, enterprise and backbone networks, timely data analysis is constrained by the architecture of NetFlow and IPFIX. In their current architecture, the analysis is performed after certain timeouts, which generally delays the intrusion detection for several minutes. This paper presents a functional extension for both NetFlow and IPFIX flow exporters, to allow for timely intrusion detection and mitigation of large flooding attacks. The contribution of this paper is threefold. First, we integrate a lightweight intrusion detection module into a flow exporter, which moves detection closer to the traffic observation point. Second, our approach mitigates attacks in near real-time by instructing firewalls to filter malicious traffic. Third, we filter flow data of malicious traffic to prevent flow collectors from overload. We validate our approach by means of a prototype that has been deployed on a backbone link of the Czech national research and education network CESNET.

show abstract

Network entity characterization and attack prediction

Bartoš

Žádník

Habib

et al. 2019

Future Generation Computer Systems

View full text Add to dashboard Cite

The devastating effects of cyber-attacks, highlight the need for novel attack detection and prevention techniques. Over the last years, considerable work has been done in the areas of attack detection as well as in collaborative defense. However, an analysis of the state of the art suggests that many challenges exist in prioritizing alert data and in studying the relation between a recently discovered attack and the probability of it occurring again. In this article, we propose a system that is intended for characterizing network entities and the likelihood that they will behave maliciously in the future. Our system, namely Network Entity Reputation Database System (NERDS), takes into account all the available information regarding a network entity (e. g. IP address) to calculate the probability that it will act maliciously. The latter part is achieved via the utilization of machine learning. Our experimental results show that it is indeed possible to precisely estimate the probability of future attacks from each entity using information about its previous malicious behavior and other characteristics. Ranking the entities by this probability has practical applications in alert prioritization, assembly of highly effective blacklists of a limited length and other use cases.

show abstract

NEMEA: A framework for network traffic analysis

Čejka

Bartoš

Švepeš

et al. 2016

View full text Add to dashboard Cite

Predictive methods in cyber defense: Current experience and research challenges

Husák

Bartoš

Sokol

et al. 2021

Future Generation Computer Systems

View full text Add to dashboard Cite

GRU-based deep learning approach for network intrusion alert prediction

Ansari

Bartoš

Lee

2022

Future Generation Computer Systems

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Václav Bartoš

Towards real-time intrusion detection for NetFlow and IPFIX

Network entity characterization and attack prediction

NEMEA: A framework for network traffic analysis

Predictive methods in cyber defense: Current experience and research challenges

GRU-based deep learning approach for network intrusion alert prediction

Contact Info

Product

Resources

About