Improving Host Profiling With Bidirectional Flows
| MINAŘÍK, Pavel, Vojtěch KRMÍČEK and Jan VYKOPAL. Improving Host Profiling With Bidirectional Flows. In 2009 International Conference on Computational Science and Engineering. Vancouver, Canada: IEEE Computer Society, 2009, p. 231-237. ISBN 978-0-7695-3823-5. |
|
Other formats:
BibTeX
LaTeX
RIS
|
| Basic information | |
|---|---|
| Original name | Improving Host Profiling With Bidirectional Flows |
| Name in Czech | Zlepšení profilování zařízení na síti pomocí párových toků |
| Authors | MINAŘÍK, Pavel (203 Czech Republic, guarantor, belonging to the institution), Vojtěch KRMÍČEK (203 Czech Republic, belonging to the institution) and Jan VYKOPAL (203 Czech Republic, belonging to the institution). |
| Edition | Vancouver, Canada, 2009 International Conference on Computational Science and Engineering, p. 231-237, 7 pp. 2009. |
| Publisher | IEEE Computer Society |
| Other information | |
|---|---|
| Original language | English |
| Type of outcome | Proceedings paper |
| Field of Study | 10201 Computer sciences, information science, bioinformatics |
| Country of publisher | Czech Republic |
| Confidentiality degree | is not subject to a state or trade secret |
| RIV identification code | RIV/00216224:14610/09:00040914 |
| Organization unit | Institute of Computer Science |
| ISBN | 978-0-7695-3823-5 |
| Keywords (in Czech) | profilování chování;analýza provozu na síti;párové toky |
| Keywords in English | behavior profiling;network traffic analysis;bidirectional flows |
| Tags | rivok |
| Tags | International impact, Reviewed |
| Changed by | Changed by: Mgr. Marta Novotná Buršíková, učo 15689. Changed: 20/4/2011 14:38. |
| Abstract |
|---|
| We present an approach to network devices behavior profiling based on NetFlow monitoring and a bidirectional flows extension. Behavior profiles of network devices typically focus on communicating peers, amount of traffic and traffic structure. However, using an implementation of the bidirectional flows standard we are able to distinguish between servers, clients and single flows directly which increases the profile quality. |
| Abstract (in Czech) |
|---|
| Tato publikace se zabývá otázkou profilování chování zařízení na síti založeném na NetFlow datech a rozšíření o tzv. párové toky. Profily chování se typicky soustřeďují na komunikační partnery, objem provozu nebo strukturu provozu. Díky implementaci párových toků je možné rozlišit servery, klienty a nepárové toky přímo, což zvyšuje kvalitu profilu. |
| Links | |
|---|---|
| OVMASUN200801, research and development project | Name: CYBER ? Bezpečnost informačních a komunikačních systémů AČR - on line monitorování, vizualizace a filtrace paketů. Rozvoj schopností Computer Incident Response Capability v prostředí Cyber Defence. (Acronym: CYBER) |
| Investor: Ministry of Defence of the CR, CYBER - Security of Czech Army Information and Communication Systems - On-line Monitoring, Visualization and Packet Filtration. Computer Incident Response Capability Development in the Cyber Defence Environment | |
PrintDisplayed: 9/10/2024 08:02