Skip to Main content Skip to Navigation
Conference papers

Preserving Relations in Parallel Flow Data Processing

Tomáš Čejka 1 Martin Žádnik 2
1 CTU - Czech Technical University in Prague
2 CESNET [Prague]
CAS - Czech Academy of Sciences [Prague]
Abstract : Network monitoring produces high volume of data that must be analyzed ideally in near real-time to support network security operations. It is possible to process the data using Big Data frameworks, however, such approach requires adaptation or complete redesign of processing tools to get the same results. This paper elaborates on a parallel processing based on splitting a stream of flow records. The goal is to create subsets of traffic that contain enough information for parallel anomaly detection. The paper describes a methodology based on so called witnesses that helps to scale up without any need to modify existing algorithms.
Document type :
Conference papers
Complete list of metadata

Cited literature [7 references]  Display  Hide  Download
https://hal.inria.fr/hal-01806065
Contributor : Hal Ifip <>
Submitted on : Friday, June 1, 2018 - 4:01:24 PM
Last modification on : Tuesday, January 19, 2021 - 10:16:03 AM
Long-term archiving on: : Sunday, September 2, 2018 - 3:38:32 PM

File

Vignette du document
452969_1_En_14_Chapter.pdf
Files produced by the author(s)

Licence

Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Collections

IFIP-WG6-6 | IFIP-TC | IFIP-TC6 | IFIP-AIMS | IFIP-LNCS-10356 | IFIP-LNCS | IFIP

Citation

Tomáš Čejka, Martin Žádnik. Preserving Relations in Parallel Flow Data Processing. 11th IFIP International Conference on Autonomous Infrastructure, Management and Security (AIMS), Jul 2017, Zurich, Switzerland. pp.153-156, ⟨10.1007/978-3-319-60774-0_14⟩. ⟨hal-01806065⟩

Export

BibTeX TEI DC DCterms EndNote

Share

Metrics

Record views

140

Files downloads

151

 

Contact                    Legal Notice                    Personal Data