FIELDS : Flow Intrusion Extrusion Largescale Detection System

Abstract: This paper presents an advanced pre-processing approach, called FIELDS, for analyzing network traffic based on flow assessments. FIELDS is an extensible Network Security Monitoring system that supports 1) advanced traffic pre-processing, 2) forensics and 3) existing Network Extrusion/Intrusion Detection Systems. Thanks to its non-intrusive nature, FIELDS was tested for two months on a large real network. The results show the efficiency of different heuristics for pre-processing the traffic relevant to an intrusion. FIELDS provides a unified and efficient tool for pre-processing network traffic and detecting/controlling potential internal/external intruders. FIELDS solves the scalability problem of monitoring the security of large networks. It can easily be extended to integrate other heuristics and correlate the different analyses.
Document type:
Conference paper
The Sixth International Conference on Emerging Security Information, Systems and Technologies, Aug 2012, Rome, Italy. 2012

https://hal.inria.fr/hal-00771333
Contributor: Jérémy Briffaut
Submitted on: Tuesday, 8 January 2013 - 14:29:49
Last modified on: Friday, 4 May 2018 - 14:38:01

Identifiers

  • HAL Id: hal-00771333, version 1

Citation

Jérémy Briffaut, Nicolas Grenèche, Quentin Narvor, Christian Toinard. FIELDS : Flow Intrusion Extrusion Largescale Detection System. The Sixth International Conference on Emerging Security Information, Systems and Technologies, Aug 2012, Rome, Italy. 2012. 〈hal-00771333〉

Metrics

Record views

190