DocumentCode
175402
Title
An Approximate Framework for Flexible Network Flow Screening
Author
Adams, Niall M. ; Lawson, Daniel
Author_Institution
Dept. of Math., Imperial Coll. London, London, UK
fYear
2014
fDate
24-26 Sept. 2014
Firstpage
256
Lastpage
259
Abstract
Network security analysts presently lack tools for routinely screening large collections of network traffic for structures of interest. This is particularly the case when the structures of interest are embodied as summaries of sets of related traffic, essentially behaviour descriptions. This paper sketches a methodology to provide such capability, in the context of flow data. The methodology generates approximate search results, and uses a modular construction to provide the capability to tailor queries for multiple views of the behaviour structure of interest. At core, the methodology involves approximate sequential search procedures. The methodology is framed by a discussion of a large university network.
Keywords
computer network security; search problems; telecommunication traffic; approximate sequential search procedure; flexible network flow screening; network security; network traffic; Computers; Context; Educational institutions; IP networks; Mathematics; Monitoring; Security;
fLanguage
English
Publisher
ieee
Conference_Titel
Intelligence and Security Informatics Conference (JISIC), 2014 IEEE Joint
Conference_Location
The Hague
Print_ISBN
978-1-4799-6363-8
Type
conf
DOI
10.1109/JISIC.2014.49
Filename
6975586