NEMEA: A Framework for Network Traffic Analysis
Identifikátory výsledku
Kód výsledku v IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21240%2F16%3A00304599" target="_blank" >RIV/68407700:21240/16:00304599 - isvavai.cz</a>
Výsledek na webu
<a href="https://edas.info/showManuscript.php?m=1570291169&ext=pdf&random=1622993478&type=stamped" target="_blank" >https://edas.info/showManuscript.php?m=1570291169&ext=pdf&random=1622993478&type=stamped</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1109/CNSM.2016.7818417" target="_blank" >10.1109/CNSM.2016.7818417</a>
Alternativní jazyky
Jazyk výsledku
angličtina
Název v původním jazyce
NEMEA: A Framework for Network Traffic Analysis
Popis výsledku v původním jazyce
Since network attacks become more sophisticated, it is difficult to discover them using traditional analysis tools. For some kinds of attacks, it is necessary to analyze Application Layer (L7) information in order to detect them. However, there is a lack of existing tools capable of L7 processing and manipulation. Therefore, we propose a flow-based modular Network Measurements Analysis (NEMEA) system to overcome the situation. NEMEA is designed with respect to a stream-wise concept, i. e. data are analyzed continuously in memory with minimal data storage. NEMEA is developed as an open-source project and is publicly available for world-wide community. It is designed for both experimental and operational use. It is able to process off-line traffic traces as well as live network flows. The system is very flexible and can be easily extended by new modules. The modules are developed within a NEMEA framework that is a key component of the project. NEMEA thus represents a unified platform for research and development of new traffic analysis methods. It covers several important topics not limited to analysis and detection. Some of them are described in this paper. Originally, NEMEA has been developed for the purposes of Czech National Research and Education Network operator. Therefore, it is focused on handling high speed network traffic with links working at 100 Gbps.
Název v anglickém jazyce
NEMEA: A Framework for Network Traffic Analysis
Popis výsledku anglicky
Since network attacks become more sophisticated, it is difficult to discover them using traditional analysis tools. For some kinds of attacks, it is necessary to analyze Application Layer (L7) information in order to detect them. However, there is a lack of existing tools capable of L7 processing and manipulation. Therefore, we propose a flow-based modular Network Measurements Analysis (NEMEA) system to overcome the situation. NEMEA is designed with respect to a stream-wise concept, i. e. data are analyzed continuously in memory with minimal data storage. NEMEA is developed as an open-source project and is publicly available for world-wide community. It is designed for both experimental and operational use. It is able to process off-line traffic traces as well as live network flows. The system is very flexible and can be easily extended by new modules. The modules are developed within a NEMEA framework that is a key component of the project. NEMEA thus represents a unified platform for research and development of new traffic analysis methods. It covers several important topics not limited to analysis and detection. Some of them are described in this paper. Originally, NEMEA has been developed for the purposes of Czech National Research and Education Network operator. Therefore, it is focused on handling high speed network traffic with links working at 100 Gbps.
Klasifikace
Druh
D - Stať ve sborníku
CEP obor
—
OECD FORD obor
20206 - Computer hardware and architecture
Návaznosti výsledku
Projekt
—
Návaznosti
S - Specificky vyzkum na vysokych skolach
Ostatní
Rok uplatnění
2016
Kód důvěrnosti údajů
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Údaje specifické pro druh výsledku
Název statě ve sborníku
12th International Conference on Network and Service Management
ISBN
978-3-901882-85-2
ISSN
—
e-ISSN
2165-963X
Počet stran výsledku
7
Strana od-do
195-201
Název nakladatele
IEEE
Místo vydání
Montreal
Místo konání akce
Montréal
Datum konání akce
31. 10. 2016
Typ akce podle státní příslušnosti
WRD - Celosvětová akce
Kód UT WoS článku
000403950600024