Title :
Managing high volume data for network attack detection using real-time flow filtering
Author :
Ghosh, A. ; Gottlieb, Y.M. ; Naidu, Abhilasha ; Vashist, Akshay ; Poylisher, Alex ; Kubota, Ayumu ; Sawaya, Y. ; Yamada, Akimasa
Author_Institution :
Appl. Commun. Sci., Basking Ridge, NY, USA
Abstract :
In this paper, we present Real-Time Flow Filter (RTFF) -a system that adopts a middle ground between coarse-grained volume anomaly detection and deep packet inspection. RTFF was designed with the goal of scaling to high volume data feeds that are common in large Tier-1 ISP networks and providing rich, timely information on observed attacks. It is a software solution that is designed to run on off-the-shelf hardware platforms and incorporates a scalable data processing architecture along with lightweight analysis algorithms that make it suitable for deployment in large networks. RTFF also makes use of state of the art machine learning algorithms to construct attack models that can be used to detect as well as predict attacks.
Keywords :
Internet; computer network management; computer network security; Internet service provider; RTFF; Tier-1 ISP networks; coarse-grained volume anomaly detection; deep packet inspection; high volume data feeds; high volume data management; machine learning algorithms; network attack detection; off-the-shelf hardware platforms; real-time flow filtering; scalable data processing architecture; software solution; Data processing; Filters; Intrusion detection; Network architecture; Network security; Real-time systems; Security; intrusion detection; network security; scaling;
Journal_Title :
Communications, China
DOI :
10.1109/CC.2013.6488830
