{"title":"书呆子","authors":"Václav Bartos","doi":"10.1145/3339252.3340512","DOIUrl":null,"url":null,"abstract":"We present an open database of known malicious entities on the internet called Network Entity Reputation Database. It gathers alerts from a large number of diverse security monitoring tools and other sources and keeps detailed information about all network entities (IP addresses, ASNs, domain names, etc.) which have been reported as malicious. It also adds other related data from a multitude of sources, like whois registries, blacklists or geolocation databases. Due to the large amount, diversity and volatility of such data, creation of such a database system is not trivial. In the paper we describe the data model, system architecture and technologies used, as well as some statistics from the pilot deployment of the system. We operate the database as a free service for the cyber security community to help with prevention, defense, investigation of incidents as well as research and believe it will become a valuable contribution to the family of existing open cyber threat intelligence platforms.","PeriodicalId":116983,"journal":{"name":"Proceedings of the 14th International Conference on Availability, Reliability and Security","volume":"26 2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-08-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"NERD\",\"authors\":\"Václav Bartos\",\"doi\":\"10.1145/3339252.3340512\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We present an open database of known malicious entities on the internet called Network Entity Reputation Database. It gathers alerts from a large number of diverse security monitoring tools and other sources and keeps detailed information about all network entities (IP addresses, ASNs, domain names, etc.) which have been reported as malicious. It also adds other related data from a multitude of sources, like whois registries, blacklists or geolocation databases. Due to the large amount, diversity and volatility of such data, creation of such a database system is not trivial. In the paper we describe the data model, system architecture and technologies used, as well as some statistics from the pilot deployment of the system. We operate the database as a free service for the cyber security community to help with prevention, defense, investigation of incidents as well as research and believe it will become a valuable contribution to the family of existing open cyber threat intelligence platforms.\",\"PeriodicalId\":116983,\"journal\":{\"name\":\"Proceedings of the 14th International Conference on Availability, Reliability and Security\",\"volume\":\"26 2 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-08-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 14th International Conference on Availability, Reliability and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3339252.3340512\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 14th International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3339252.3340512","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
We present an open database of known malicious entities on the internet called Network Entity Reputation Database. It gathers alerts from a large number of diverse security monitoring tools and other sources and keeps detailed information about all network entities (IP addresses, ASNs, domain names, etc.) which have been reported as malicious. It also adds other related data from a multitude of sources, like whois registries, blacklists or geolocation databases. Due to the large amount, diversity and volatility of such data, creation of such a database system is not trivial. In the paper we describe the data model, system architecture and technologies used, as well as some statistics from the pilot deployment of the system. We operate the database as a free service for the cyber security community to help with prevention, defense, investigation of incidents as well as research and believe it will become a valuable contribution to the family of existing open cyber threat intelligence platforms.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
