Sciweavers

ICECCS
2002
IEEE

Mnemosyne: Designing and Implementing Network Short-Term Memory

14 years 5 months ago
Mnemosyne: Designing and Implementing Network Short-Term Memory
Network traffic logs play an important role in incident analysis. With the increasing throughput of network links, maintaining a complete log of all network activity has become a task that requires an enormous amount of resources. We propose an approach to network monitoring that mitigates the resource consumption problem while still providing effective support to evidence collection and incident analysis. The approach relies on a tool, called MNEMOSYNE, that maintains a sliding window containing the traffic that has been recently seen on a network link. MNEMOSYNE provides improved logging features, such as multiple streams, support for cross-stream queries, and dynamic remote reconfiguration. By integrating MNEMOSYNE with real-time intrusion detection capability, it is possible to provide incident analysis functionality and effective evidence collection, without having to maintain complete traffic logs. This paper describes the MNEMOSYNE tool, its architecture, and presents the r...
Giovanni Vigna, Andrew Mitchel
Added 14 Jul 2010
Updated 14 Jul 2010
Type Conference
Year 2002
Where ICECCS
Authors Giovanni Vigna, Andrew Mitchel
Comments (0)