All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Optimizing Flow Sampling for Network Anomaly Detection

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F11%3A00181849" target="_blank" >RIV/68407700:21230/11:00181849 - isvavai.cz</a>

  • Alternative codes found

    RIV/00216224:14610/11:00053092

  • Result on the web

  • DOI - Digital Object Identifier

Alternative languages

  • Result language

    angličtina

  • Original language name

    Optimizing Flow Sampling for Network Anomaly Detection

  • Original language description

    Sampling techniques are widely employed in high-speed network traffic monitoring to allow the analysis of high traffic volumes with limited resources. Sampling has measurable negative impact on the accuracy of network anomaly detection methods. In our work, we build an integrated model which puts the sampling into the context of the anomaly detection used in the subsequent processing. Using this model, we show that it is possible to perform very efficient sampling with limited impact on traffic featuredistributions, thus minimizing the decrease of anomaly detection efficiency. Specifically, we propose an adaptive, feature-aware statistical sampling technique and compare it both formally and empirically with other known sampling techniques - random flow sampling and selective sampling. We study the impact of these sampling techniques on particular anomaly detection methods used in a network behavior analysis system.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

    JC - Computer hardware and software

  • OECD FORD branch

Result continuities

  • Project

    Result was created during the realization of more than one project. More information in the Projects tab.

  • Continuities

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach

Others

  • Publication year

    2011

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    Wireless Communications and Mobile Computing 2011

  • ISBN

    978-1-4244-9539-9

  • ISSN

  • e-ISSN

  • Number of pages

    6

  • Pages from-to

    1304-1309

  • Publisher name

    IEEE

  • Place of publication

    Piscataway

  • Event location

    Istanbul

  • Event date

    Jul 5, 2011

  • Type of event by nationality

    WRD - Celosvětová akce

  • UT code for WoS article

Similar results(10)

Towards Efficient Flow Sampling Technique for Anomaly DetectionNetwork Intrusion Detection by Means of Community of Trusting AgentsCollaborative Attack Detection in High Speed Networks