DANAK: Finding the odd!

Abstract: With the growth of network connectivity and network sizes, interest in traffic classification, and in attack and anomaly detection, for network monitoring and security-related activities has become very strong. In this paper, a new tool called DANAK has been developed for the detection of anomalies in NetFlow records by combining spatial and temporal information aggregation with machine learning techniques. Spatially aggregated NetFlow records are fed into a newly designed kernel function in order to analyze the records with respect to context and quantitative information. To strengthen the analysis of large volumes of NetFlow records, support vector machines are applied. The proposed method has been validated by extensive experimentation on real data sets, including numerous attack strategies of different roots.
Document type:
Conference paper
5th International Conference on Network and System Security, Sep 2011, Milan, Italy. IEEE, 2011, 〈10.1109/ICNSS.2011.6059996〉
Cited literature [26 references]

https://hal.inria.fr/hal-00641826
Contributor: Jérôme François
Submitted on: Wednesday, 16 November 2011 - 17:21:18
Last modified on: Wednesday, 7 December 2011 - 14:54:59
Document(s) archived on: Friday, 16 November 2012 - 11:05:29

File

danak.pdf
Files produced by the author(s)

Citation

Cynthia Wagner, Jérôme François, Radu State, Thomas Engel. DANAK: Finding the odd!. 5th International Conference on Network and System Security, Sep 2011, Milan, Italy. IEEE, 2011, 〈10.1109/ICNSS.2011.6059996〉. 〈hal-00641826〉

Metrics

Record views

155

File downloads

71