Flow monitoring explained: From packet capture to data analysis with netflow and ipfix

R Hofstede, P Čeleda, B Trammell… - … Surveys & Tutorials, 2014 - ieeexplore.ieee.org
Flow monitoring has become a prevalent method for monitoring traffic in high-speed
networks. By focusing on the analysis of flows, rather than individual packets, it is often said …

Flow-based intrusion detection: Techniques and challenges

MF Umer, M Sher, Y Bi - Computers & Security, 2017 - Elsevier
Flow-based intrusion detection is an innovative way of detecting intrusions in high-speed
networks. Flow-based intrusion detection only inspects the packet header and does not …

A multi-feature DDoS detection schema on P4 network hardware

M Dimolianis, A Pavlidis… - 2020 23rd Conference on …, 2020 - ieeexplore.ieee.org
Data plane programmability is a promising technology that enables rapid control loops for
the detection and mitigation of cyber-attacks. In this context, we propose an in-network …

Towards real-time intrusion detection for NetFlow and IPFIX

R Hofstede, V Bartoš, A Sperotto… - Proceedings of the 9th …, 2013 - ieeexplore.ieee.org
DDoS attacks bring serious economic and technical damage to networks and enterprises.
Timely detection and mitigation are therefore of great importance. However, when flow …

Entropy-based network traffic anomaly classification method resilient to deception

J Ibrahim, S Gajin - Computer Science and Information Systems, 2022 - doiserbia.nb.rs
Entropy-based network traffic anomaly detection techniques are attractive due to their
simplicity and applicability in a real-time network environment. Even though flow data …

Collaborative attack mitigation and response: a survey

J Steinberger, A Sperotto, H Baier… - 2015 IFIP/IEEE …, 2015 - ieeexplore.ieee.org
Over recent years, network-based attacks have become one of the top causes of network
infrastructure and service outages. To counteract such attacks, an approach is to move …

Identifying peer‐to‐peer communities in the network by connection graph analysis

J Jusko, M Rehak - International Journal of Network …, 2014 - Wiley Online Library
In this paper we present a unified solution to identify peer‐to‐peer (P2P) communities
operating in the network. We propose an algorithm that is able to progressively discover …

Holistic Security Approach in Cybersecurity Services for Datacenters and Telecommunication Operators

K Öztoprak, YK Tuncel - 2023 IEEE International Performance …, 2023 - ieeexplore.ieee.org
This study examines and presents a resolution for Protocol Independent Switch Architecture
(PISA) to handle data at the application layer, facilitating the precise inspection of security …

[BOOK][B] Networking for big data

S Yu, X Lin, J Misic, XS Shen - 2015 - books.google.com
This book supplies an unprecedented look at the latest research on the networking and
communication aspects of Big Data. Starting with a comprehensive introduction to Big Data …

Real-time and resilient intrusion detection: A flow-based approach

R Hofstede, A Pras - Dependable Networks and Services: 6th IFIP WG 6.6 …, 2012 - Springer
Flow-based intrusion detection will play an important role in high-speed networks, due to the
stringent performance requirements of packet-based solutions. Flow monitoring …