Making Flow-Based Security Detection Parallel

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F63839172%3A_____%2F17%3A10132897" target="_blank" >RIV/63839172:_____/17:10132897 - isvavai.cz</a>

Nalezeny alternativní kódy

RIV/68407700:21240/17:00312433

Výsledek na webu

<a href="https://link.springer.com/chapter/10.1007%2F978-3-319-60774-0_1" target="_blank" >https://link.springer.com/chapter/10.1007%2F978-3-319-60774-0_1</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1007/978-3-319-60774-0_1" target="_blank" >10.1007/978-3-319-60774-0_1</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Making Flow-Based Security Detection Parallel

Popis výsledku v původním jazyce

Flow based monitoring is currently a standard approach suitable for large networks of ISP size. The main advantage of flow processing is a smaller amount of data due to aggregation. There are many reasons (such as huge volume of transferred data, attacks represented by many flow records) to develop scalable systems that can process flow data in parallel. This paper deals with splitting a stream of flow data in order to perform parallel anomaly detection on distributed computational nodes. Flow data distribution is focused not only on uniformity but mainly on successful detection. The results of an experimental analysis show that the proposed approach does not break important semantic relations between individual flow records and therefore it preserves detection results. All experiments were performed using real data traces from Czech National Education and Research Network.

Název v anglickém jazyce

Making Flow-Based Security Detection Parallel

Popis výsledku anglicky

Flow based monitoring is currently a standard approach suitable for large networks of ISP size. The main advantage of flow processing is a smaller amount of data due to aggregation. There are many reasons (such as huge volume of transferred data, attacks represented by many flow records) to develop scalable systems that can process flow data in parallel. This paper deals with splitting a stream of flow data in order to perform parallel anomaly detection on distributed computational nodes. Flow data distribution is focused not only on uniformity but mainly on successful detection. The results of an experimental analysis show that the proposed approach does not break important semantic relations between individual flow records and therefore it preserves detection results. All experiments were performed using real data traces from Czech National Education and Research Network.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10200 - Computer and information sciences

Projekt

Výsledek vznikl pri realizaci vícero projektů. Více informací v záložce Projekty.

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2017

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Security of Networks and Services in an All-Connected World

ISBN

978-3-319-60773-3

ISSN

0302-9743

e-ISSN

neuvedeno

Počet stran výsledku

13

Strana od-do

3-15

Název nakladatele

Springer

Místo vydání

Švýcarsko

Místo konání akce

Zurich

Datum konání akce

10. 7. 2017

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—