Title :
Aggregated representations and metrics for scalable flow analysis
Author :
Francois, Jerome ; State, Radu ; Engel, Thomas
Author_Institution :
SnT - Univ. of Luxembourg, Luxembourg, Luxembourg
Abstract :
While monitoring network traffic at the operator level allows the collection of highly valuable data for monitoring large-scale distributed attacks, scalability remains a major challenge due to the large data volumes to handle. In particular, collecting and storing NetFlow data is feasible, but accurate analysis is still a challenging topic. Hence, this paper leverages an aggregated representation of the network traffic, which is further analyzed using dedicated entropic-based metrics and machine learning techniques. The main advantage is a reduction of the computational complexity while the accuracy remains acceptable, as highlighted by evaluation on real datasets.
Keywords :
computational complexity; entropy; learning (artificial intelligence); signal representation; telecommunication security; telecommunication traffic; NetFlow data; aggregated metrics; aggregated representations; computational complexity; entropic based metrics; large scale distributed attacks; machine learning; network traffic; scalable flow analysis; valuable data; Entropy; IP networks; Intrusion detection; Measurement; Monitoring; Support vector machines;
Conference_Title :
Communications and Network Security (CNS), 2013 IEEE Conference on
Conference_Location :
National Harbor, MD
DOI :
10.1109/CNS.2013.6682763