Publication details

WARDEN: realtime sharing of detected threats between CSIRT teams



Year of publication 2013
Type R&D Presentation
Description The Warden project is a sharing platform for detected security events, whose characteristics can be watched and used by members of the network for evading possible security threats. There exists large body of automatically detected security events, be it honeypot machines or IDS systems at campuses, golden mine of netflow data or dictionary attacks from log data of production machines. Manual distribution of this events is laborious and generates further work which the team is usually not able to cover, causing distortion, losses and unneeded delays. In our CESNET2 national research and educational network, we attempted to solve these dilemmas by designing the Warden – open early warning system, which enables security teams to proactively and efficiently share and use information relating to detected network and service anomalies that had been generated by various systems.

You are running an old browser version. We recommend updating your browser to its latest version.

More info