Sciweavers

IM
2007

Real-time Analysis of Flow Data for Network Attack Detection

14 years 1 months ago
Real-time Analysis of Flow Data for Network Attack Detection
— With the wide deployment of flow monitoring in IP networks, the analysis of the exported flow data has become an important research area. It has been shown that flow data can be used to detect traffic anomalies, DoS attacks, and the propagation of worms. In practice, anomalies and attacks should be detected as fast as possible in order to allow taking appropriate countermeasures. We describe the necessary steps from the raw flow data to the detection result in a systematic way. Furthermore, we present TOPAS, a system and framework for real-time analysis of flow data, that has been developed in order to meet these requirements. Performance measurements and various application examples point out the capabilities and benefits of our approach.
Gerhard Münz, Georg Carle
Added 29 Oct 2010
Updated 29 Oct 2010
Type Conference
Year 2007
Where IM
Authors Gerhard Münz, Georg Carle
Comments (0)