CopAS: A Big Data Forensic Analytics System
Martin Macak, Matus Stovcik, Tomas Rebok, Mouzhi Ge, Bruno Rossi, Barbora Buhnova

TL;DR
CopAS is a big data forensic system designed to help network operators analyze large-scale network data for detecting malicious and suspicious activities, demonstrated through insider attack detection on real datasets.
Contribution
The paper introduces CopAS, a novel big data forensic analytics system tailored for network security analysis and insider threat detection.
Findings
Effective detection of insider attacks in large network datasets.
CopAS demonstrates practical utility on real-world PCAP data.
The system facilitates the analysis and correlation of vast network data streams.
Abstract
With the advancing digitization of our society, network security has become one of the critical concerns for most organizations. In this paper, we present CopAS, a system targeted at Big Data forensics analysis, allowing network operators to comfortably analyze and correlate large amounts of network data to get insights about potentially malicious and suspicious events. We demonstrate the practical usage of CopAS for insider attack detection on a publicly available PCAP dataset and show how the system can be used to detect insiders hiding their malicious activity in the large amounts of data streams generated during the operations of an organization within the network.
Taxonomy
Topics: Digital and Cyber Forensics · Network Security and Intrusion Detection · Advanced Malware Detection Techniques
