Analysis of basic security events (incidents) in the CAS network
The research project "Analysis of basic security events (incidents) in the CAS network" deals with collecting and subsequently processing data about security events recorded in the address space of the CAS network. The principal investigator of the project is CAS-CSIRT, the security team of the CAS network. It obtains information about security events from various sources, currently the Mentat and Warden systems managed by Cesnet's CESNET-CERTS security team.
The monitored security events are classified according to various parameters. The basic ones comprise the type of events and their severity. Another interesting parameter is their coincidence with significant external events. For instance, the last aggregate analysis confirmed a significantly increased incidence of security events in the Cesnet network during the military conflict in Ukraine in 2022. Their increased occurrence in the CAS network corresponds very closely to the beginning of the conflict in February 2022. In the following period, the team will expand the set of tools utilised to identify security threats in time.
Contact Info
Ing. Jaroslav Kohoutek
Director of the Information Technology Division
+420 221 403 362
+420 724 366 389
kohoutek@ssc.cas.cz