PAVEL MINARÍK
Pavel Minarík received his master’s degree in computer science in 2005 from the Faculty of Informatics of Masaryk University in Brno. He currently works as the Chief Technology Officer at AdvaICT. He is the main architect of AdvaICT’s ADS (Anomaly Detection System) and outgoing products. Pavel’s main focus is network traffic analysis and anomaly detection. He has participated in several research projects (mainly for the U.S. and Czech Armies) as a senior researcher of the Institute of Computer Science of Masaryk University. He is a co-author of two technology transfers (2010) from the University and co-author of 7 published research papers in the field of network behavior analysis (2007-2009).
NETWORK MONITORING – TOOL FOR DETECTING AND AVOIDING INCIDENT
The complexity of IT infrastructure is growing continuously. More products are being incorporated and more services are being used. Enterprises rely on computer networks and information technology, since their primary processes depend completely on the IT department or its outsourcing partners. A malware infection or data loss on a single computer might be troublesome. A successful attack on the core infrastructure, a loss of client data, or a malware infection of the whole network is a disaster. There are widely used methods to stop network attacks and malware from spreading, based on signatures (intrusion detection systems) in combination with host protection (antivirus, anti-spyware). However, the latest results show that these methods are not bulletproof and that we need to focus on network traffic and its monitoring and analysis. We present a network-centric approach to the detection and prevention of incidents on computer networks, with a focus on security. This approach is based on the detailed measuring and monitoring of computer networks using flow data. Methods based on flow data processing are unique in their usability, scalability and performance, while requiring no deep understanding of the topology of target networks and no software installation or configuration changes. The proposed approach is called Network Behavior Analysis (NBA) and will be illustrated on a series of case studies from network traffic audits and analyses performed by AdvaICT during the last year.