Interactive analysis of NetFlows for misuse detection inlarge IP networks
| dc.contributor.author | Mansmann, Florian | |
| dc.contributor.author | Fischer, Fabian | |
| dc.contributor.author | Keim, Daniel A. | |
| dc.contributor.author | Pietzko, Stephan | |
| dc.contributor.author | Waldvogel, Marcel | |
| dc.contributor.editor | Müller, Paul | |
| dc.contributor.editor | Neumair, Bernhard | |
| dc.contributor.editor | Rodosek, Gabi Dreo | |
| dc.date.accessioned | 2019-02-20T10:17:14Z | |
| dc.date.available | 2019-02-20T10:17:14Z | |
| dc.date.issued | 2009 | |
| dc.description.abstract | While more and more applications require higher network bandwidth, there is also a tendency that large portions of this bandwidth are misused for dubious purposes, such as unauthorized VoIP, file sharing, or criminal botnet activity. Automatic intrusion detection methods can detect a large portion of such misuse, but novel patterns can only be detected by humans. Moreover, interpretation of large amounts of alerts imposes new challenges on the analysts. The goal of this paper is to present the visual analysis system NFlowVis to interactively detect unwanted usage of the network infrastructure either by pivoting NetFlows using IDS alerts or by specifying usage patterns, such as sets of suspicious port numbers. Thereby, our work focuses on providing a scalable approach to store and retrieve large quantities of NetFlows by means of a database management system. | en |
| dc.identifier.isbn | 978-3-88579-243-7 | |
| dc.identifier.pissn | 1617-5468 | |
| dc.identifier.uri | https://dl.gi.de/handle/20.500.12116/20405 | |
| dc.language.iso | en | |
| dc.publisher | Gesellschaft für Informatik e.V. | |
| dc.relation.ispartof | 2. DFN-Forum Kommunikationstechnologien | |
| dc.relation.ispartofseries | Lecture Notes in Informatics (LNI) - Proceedings, Volume P-149 | |
| dc.title | Interactive analysis of NetFlows for misuse detection inlarge IP networks | en |
| dc.type | Text/Conference Paper | |
| gi.citation.endPage | 124 | |
| gi.citation.publisherPlace | Bonn | |
| gi.citation.startPage | 115 | |
| gi.conference.date | 27. Mai bis 28. Mai 2009 | |
| gi.conference.location | München | |
| gi.conference.sessiontitle | Regular Research Papers |
Dateien
Originalbündel
1 - 1 von 1