All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Towards Efficient Flow Sampling Technique for Anomaly Detection

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F12%3A00191018" target="_blank" >RIV/68407700:21230/12:00191018 - isvavai.cz</a>

  • Result on the web

    <a href="http://www.springerlink.com/content/aht28428hmm47366/fulltext.pdf" target="_blank" >http://www.springerlink.com/content/aht28428hmm47366/fulltext.pdf</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.1007/978-3-642-28534-9_11" target="_blank" >10.1007/978-3-642-28534-9_11</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    Towards Efficient Flow Sampling Technique for Anomaly Detection

  • Original language description

    With increasing amount of network traffic, sampling techniques have become widely employed allowing monitoring and analysis of high-speed network links. Despite of all benefits, sampling methods negatively influence the accuracy of anomaly detection techniques and other subsequent processing. In this paper, we present an adaptive, feature-aware sampling technique that reduces the loss of information bounded with the sampling process, thus minimizing the decrease of anomaly detection efficiency. To verify the optimality of our proposed technique, we build a model of the ideal sampling algorithm and define general metrics allowing us to compute the distortion of traffic feature distribution for various types of sampling algorithms. We compare our technique with random flow sampling and reveal their impact on several anomaly detection methods by using real network traffic data. The presented ideas can be applied on high-speed network links to refine the input data by suppressing highly-re

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

    JC - Computer hardware and software

  • OECD FORD branch

Result continuities

  • Project

    Result was created during the realization of more than one project. More information in the Projects tab.

  • Continuities

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach

Others

  • Publication year

    2012

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    Traffic Monitoring and Analysis

  • ISBN

    978-3-642-28533-2

  • ISSN

    0302-9743

  • e-ISSN

  • Number of pages

    14

  • Pages from-to

    93-106

  • Publisher name

    Springer-Verlag

  • Place of publication

    Berlin

  • Event location

    Vienna

  • Event date

    Mar 12, 2012

  • Type of event by nationality

    WRD - Celosvětová akce

  • UT code for WoS article

Similar results(10)

Optimizing Flow Sampling for Network Anomaly DetectionAdaptive Multi-Agent System for Network Traffic MonitoringAgent Based Network Intrusion Detection System