Implementation of a Stream-Based IP Flow Record Query Language

Abstract : Internet traffic analysis via flow records is an important task for network operators. A variety of applications exist for identifying, filtering or aggregating flows based on certain criteria. Most of these applications exhibit certain limitations when it comes to the identification of complex network activities. To overcome some of these limitations, a new flow query language has been proposed recently, which allows complex time relationships between flows to be expressed. In this paper, we describe a prototype implementation of this query language and we evaluate its performance.
Document type :
Conference papers

https://hal.inria.fr/hal-01056634
Contributor : Hal Ifip
Submitted on : Wednesday, August 20, 2014 - 12:21:15 PM
Last modification on : Friday, August 11, 2017 - 4:20:16 PM
Long-term archiving on : Thursday, November 27, 2014 - 11:37:26 AM

File

61550147.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Citation

Kaloyan Kanev, Nikolay Melnikov, Jürgen Schönwälder. Implementation of a Stream-Based IP Flow Record Query Language. 4th International Conference on Autonomous Infrastructure, Management and Security (AIMS), Jun 2010, Zurich, Switzerland. pp.147-158, ⟨10.1007/978-3-642-13986-4_21⟩. ⟨hal-01056634⟩
