Charging from sampled network usage
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
Properties and prediction of flow statistics from sampled packet streams
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
The Architecture of NG-MON: A Passive Network Monitoring System for High-Speed IP Networks
DSOM '02 Proceedings of the 13th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management: Management Technologies for E-Commerce and E-Business Applications
Aguri: An Aggregation-Based Traffic Profiler
COST 263 Proceedings of the Second International Workshop on Quality of Future Internet Services
Application Profiling of IP Traffic
LCN '02 Proceedings of the 27th Annual IEEE Conference on Local Computer Networks
The Spinning Cube of Potential Doom
Communications of the ACM - Wireless sensor networks
Structural analysis of network traffic flows
Proceedings of the joint international conference on Measurement and modeling of computer systems
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
VisFlowConnect: netflow visualizations of link relationships for security situational awareness
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Home-centric visualization of network traffic for security administration
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
NVisionIP: netflow visualizations of system state for security situational awareness
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
PortVis: a tool for port-based detection of security events
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
FlowScan: A Network Traffic Flow Reporting and Visualization Tool
LISA '00 Proceedings of the 14th USENIX conference on System administration
Profiling internet backbone traffic: behavior models and applications
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Mining anomalies using traffic feature distributions
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
BLINC: multilevel traffic classification in the dark
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Manifold learning visualization of network traffic data
Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data
Host Behaviour Based Early Detection of Worm Outbreaks in Internet Backbones
WETICE '05 Proceedings of the 14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise
A Framework for Real-Time Worm Attack Detection and Backbone Monitoring
IWCIP '05 Proceedings of the First IEEE International Workshop on Critical Infrastructure Protection
IDGraphs: Intrusion Detection and Analysis Using Stream Compositing
IEEE Computer Graphics and Applications
A DoS Resilient Flow-level Intrusion Detection Approach for High-speed Networks
ICDCS '06 Proceedings of the 26th IEEE International Conference on Distributed Computing Systems
Flow-Based Identification of P2P Heavy-Hitters
ICISP '06 Proceedings of the International Conference on Internet Surveillance and Protection
Impact of packet sampling on anomaly detection metrics
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Method of Measuring VoIP Traffic Fluctuation with Selective sFlow
SAINT-W '07 Proceedings of the 2007 International Symposium on Applications and the Internet Workshops
Lightweight application classification for network management
Proceedings of the 2007 SIGCOMM workshop on Internet network management
A NetFlow based flow analysis and monitoring system in enterprise networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Trajectory sampling with unreliable reporting
IEEE/ACM Transactions on Networking (TON)
Fast, memory efficient flow rate estimation using runs
IEEE/ACM Transactions on Networking (TON)
Confident estimation for multistage measurement sampling and aggregation
SIGMETRICS '08 Proceedings of the 2008 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
CSAMP: a system for network-wide flow monitoring
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Multi-agent approach to network intrusion detection
Proceedings of the 7th international joint conference on Autonomous agents and multiagent systems: demo papers
Collaborative Attack Detection in High-Speed Networks
CEEMAS '07 Proceedings of the 5th international Central and Eastern European conference on Multi-Agent Systems and Applications V
Large-Scale Network Monitoring for Visual Analysis of Attacks
VizSec '08 Proceedings of the 5th international workshop on Visualization for Computer Security
NetFlow Data Visualization Based on Graphs
VizSec '08 Proceedings of the 5th international workshop on Visualization for Computer Security
COMPSAC '08 Proceedings of the 2008 32nd Annual IEEE International Computer Software and Applications Conference
GA-Based Filtering Algorithm to Defend against DDoS Attack in High Speed Network
ICNC '08 Proceedings of the 2008 Fourth International Conference on Natural Computation - Volume 01
An Architectural Framework for Accurate Characterization of Network Traffic
IEEE Transactions on Parallel and Distributed Systems
FloVis: Flow Visualization System
CATCH '09 Proceedings of the 2009 Cybersecurity Applications & Technology Conference for Homeland Security
Internet traffic classification demystified: myths, caveats, and the best practices
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
Efficient Aggregate Computation over Data Streams
ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering
Entropy based adaptive flow aggregation
IEEE/ACM Transactions on Networking (TON)
P2P Traffic Identification Based on NetFlow TCP Flag
ICFCC '09 Proceedings of the 2009 International Conference on Future Computer and Communication
Network-Based Dictionary Attack Detection
ICFN '09 Proceedings of the 2009 International Conference on Future Networks
NetFlow Based Intrusion Detection System
MMIT '08 Proceedings of the 2008 International Conference on MultiMedia and Information Technology
Study on the Risk Detection about Network Security Based on Grey Theory
IFITA '09 Proceedings of the 2009 International Forum on Information Technology and Applications - Volume 01
Improving Host Profiling with Bidirectional Flows
CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03
Netflow based system for NAT detection
Proceedings of the 5th international student workshop on Emerging networking experiments and technologies
Self-management of hybrid networks: can we trust NetFlow data?
IM'09 Proceedings of the 11th IFIP/IEEE international conference on Symposium on Integrated Network Management
Communities of interest for internet traffic prioritization
INFOCOM'09 Proceedings of the 28th IEEE international conference on Computer Communications Workshops
A heuristic method of finding heavy hitter prefix pairs in IP traffic
IEEE Communications Letters
A Network Access Control Mechanism Based on Behavior Profiles
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Hit-list worm detection and bot identification in large networks using protocol graphs
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Fine-grained traffic classification with netflow data
Proceedings of the 6th International Wireless Communications and Mobile Computing Conference
Outside the Closed World: On Using Machine Learning for Network Intrusion Detection
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Cybermetrics: user identification through network flow analysis
AIMS'10 Proceedings of the Mechanisms for autonomous management of networks and services, and 4th international conference on Autonomous infrastructure, management and security
Distributed architecture for real-time traffic analysis
AIMS'10 Proceedings of the Mechanisms for autonomous management of networks and services, and 4th international conference on Autonomous infrastructure, management and security
Digging into HTTPS: flow-based classification of webmail traffic
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Network prefix-level traffic profiling: Characterizing, modeling, and evaluation
Computer Networks: The International Journal of Computer and Telecommunications Networking
Masquerade Detection in Network Environments
SAINT '10 Proceedings of the 2010 10th IEEE/IPSJ International Symposium on Applications and the Internet
A hadoop-based packet trace processing tool
TMA'11 Proceedings of the Third international conference on Traffic monitoring and analysis
Peeling away timing error in netflow data
PAM'11 Proceedings of the 12th international conference on Passive and active measurement
FACT: flow-based approach for connectivity tracking
PAM'11 Proceedings of the 12th international conference on Passive and active measurement
BotTrack: tracking botnets using NetFlow and PageRank
NETWORKING'11 Proceedings of the 10th international IFIP TC 6 conference on Networking - Volume Part I
Machine learning approach for IP-flow record anomaly detection
NETWORKING'11 Proceedings of the 10th international IFIP TC 6 conference on Networking - Volume Part I
Detection of Attackers in Services Using Anomalous Host Behavior Based on Traffic Flow Statistics
SAINT '11 Proceedings of the 2011 IEEE/IPSJ International Symposium on Applications and the Internet
Research on Errors of Utilized Bandwidth Measured by NetFlow
ICNDC '11 Proceedings of the 2011 Second International Conference on Networking and Distributed Computing
GerbilSphere: Inner sphere network visualization
Computer Networks: The International Journal of Computer and Telecommunications Networking
Opportunistic flow-level latency estimation using consistent netflow
IEEE/ACM Transactions on Networking (TON)
A survey of techniques for internet traffic classification using machine learning
IEEE Communications Surveys & Tutorials
An Overview of IP Flow-Based Intrusion Detection
IEEE Communications Surveys & Tutorials
BotCloud: Detecting botnets using MapReduce
WIFS '11 Proceedings of the 2011 IEEE International Workshop on Information Forensics and Security
A supervised machine learning approach to classify host roles on line using sFlow
Proceedings of the first edition workshop on High performance and programmable networking
Toward an efficient and scalable feature selection approach for internet traffic classification
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.00 |
It has been over 16 years since Cisco's NetFlow was patented in 1996. Extensive research has been conducted since then and many applications have been developed. In this survey, we have reviewed an extensive number of studies with emphasis on network flow applications. First, we provide a brief introduction to sFlow, NetFlow and network traffic analysis. Then, we review the state of the art in the field by presenting the main perspectives and methodologies. Our analysis has revealed that network security has been an important research topic since the beginning. Advanced methodologies, such as machine learning, have been very promising. We provide a critique of the studies surveyed about datasets, perspectives, methodologies, challenges, future directions and ideas for potential integration with other Information Technology infrastructure and methods. Finally, we concluded this survey.