Reference : Efficient Learning of Communication Profiles from IP Flow Records
Scientific congresses, symposiums and conference proceedings : Poster
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/28374
Efficient Learning of Communication Profiles from IP Flow Records
English
Hammerschmidt, Christian [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)]
Marchal, Samuel [Aalto University]
Pellegrino, Gaetano [Delft Technical University]
State, Radu [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)]
Verwer, Sicco [Delft Technical University]
Nov-2016
Yes
International
The 41st IEEE Conference on Local Computer Networks (LCN)
November 7-10, 2016
IEEE
[en] IP flow records ; intrusion detection ; botnet
[en] The task of network traffic monitoring has evolved drastically with the ever-increasing amount of data flowing in large scale networks. The automated analysis of this tremendous source of information often comes with using simpler models on aggregated data (e.g. IP flow records) due to time and space constraints. A step towards utilizing IP flow records more effectively are stream learning techniques. We propose a method to collect a limited yet relevant amount of data in order to learn a class of complex models, finite state machines, in real-time. These machines are used as communication profiles to fingerprint, identify or classify hosts and services and offer high detection rates while requiring less training data and thus being faster to compute than simple models.
R-AGR-0685-11-Z
Researchers

File(s) associated to this reference

Fulltext file(s):

File: PID4406105.pdf
Version: Author postprint
Size: 407.11 kB
Access: Open access


All documents in ORBilu are protected by a user license.