Digging into ip flow records with a visual kernel method

Authors:
Cynthia Wagner;Gerard Wagener;Radu State;Thomas Engel
Affiliations:
University of Luxembourg - SnT, Luxembourg, Luxembourg;University of Luxembourg - SnT, Luxembourg, Luxembourg;University of Luxembourg - SnT, Luxembourg, Luxembourg;University of Luxembourg - SnT, Luxembourg, Luxembourg
Venue:
CISIS'11 Proceedings of the 4th international conference on Computational intelligence in security for information systems
Year:
2011

Citing 6
Cited 0

Honeypots: Tracking Hackers

Honeypots: Tracking Hackers
Aguri: An Aggregation-Based Traffic Profiler

COST 263 Proceedings of the Second International Workshop on Quality of Future Internet Services
K-T.R.A.C.E: A kernel k-means procedure for classification

Computers and Operations Research
Visual Analytics for Network Flow Analysis

CATCH '09 Proceedings of the 2009 Cybersecurity Applications & Technology Conference for Homeland Security
Portscan Detection with Sampled NetFlow

TMA '09 Proceedings of the First International Workshop on Traffic Monitoring and Analysis
Visual support for analyzing network traffic and intrusion detection events using TreeMap and graph representations

Proceedings of the Symposium on Computer Human Interaction for the Management of Information Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper presents a network monitoring framework with an intuitive visualization engine. The framework leverages a kernel method with spatial and temporal aggregated IP flows for the off/online processing of Netflow records and full packet captures from ISP and honeypot input data and is operating on aggregated Netflow records and is supporting network management activities related to the anomaly and attack detection.