Abstract | ||
---|---|---|
While more and more applications require higher network bandwidth, there is al- so a tendency that large portions of this bandwidth are misused for dubious purposes, such as unauthorized VoIP, file sharing, or criminal botnet activity. Automatic intru- sion detection methods can detect a large portion of such misuse, but novel patterns can only be detected by humans. Moreover, interpretation of large amounts of alerts imposes new challenges on the analysts. The goal of this paper is to present the vi- sual analysis system NFlowVis to interactively detect unwanted usage of the network infrastructure either by pivoting NetFlows using IDS alerts or by specifying usage pat- terns, such as sets of suspicious port numbers. Thereby, our work focuses on providing a scalable approach to store and retrieve large quantities of NetFlows by means of a database management system. |
Year | Venue | Keywords |
---|---|---|
2009 | DFN-Forum Kommunikationstechnologien | file sharing,database management system |
Field | DocType | Citations |
Port (computer networking),Computer science,Computer security,Botnet,Computer network,Bandwidth (signal processing),File sharing,Misuse detection,Intrusion detection system,Voice over IP,Scalability | Conference | 1 |
PageRank | References | Authors |
0.36 | 12 | 5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Florian Mansmann | 1 | 589 | 35.91 |
Fabian Fischer | 2 | 199 | 12.94 |
Daniel A. Keim | 3 | 7704 | 1141.60 |
Stephan Pietzko | 4 | 39 | 1.88 |
Marcel Waldvogel | 5 | 1537 | 166.65 |