Title :
Concurrent monitoring environment for obtaining IPFIX flow and signature based IDS alert data
Author :
Alapaholuoma, Teemu ; Seppala, T. ; Nieminen, Johanna ; Ylinen, Juhana ; Loula, P.
Author_Institution :
Telecommun. Res. Center, Tampere Univ. of Technol., Pori, Finland
Abstract :
The aim of this paper is to introduce and untangle the operating model of a network monitoring environment that handles flow-based and signature-based techniques side by side on a large-scale campus network. This paper introduces one approach for solving the problematic creation of standard-based flow information and signature alarms in tandem from large-scale network traffic. The operating model takes into account cost efficiency, trustworthiness and privacy protection. Due to the Privacy Protection Act and local laws, data analysis is performed after traffic anonymization.
Keywords :
data privacy; large-scale systems; security of data; telecommunication security; telecommunication traffic; IPFIX flow; Privacy Protection Act; concurrent monitoring environment; cost efficiency; large-scale campus network; large-scale network traffic; network monitoring environment; signature alarms; signature based IDS alert data; traffic anonymization; trustworthy; IP networks; Intrusion detection; Monitoring; Ports (Computers); Protocols; Software; Telecommunication traffic; IPFIX; Large-scale; Monitoring environment; Signature-based;
Conference_Title :
Computer Systems and Industrial Informatics (ICCSII), 2012 International Conference on
Conference_Location :
Sharjah
Print_ISBN :
978-1-4673-5155-3
DOI :
10.1109/ICCSII.2012.6454305