About: Optimizing Flow Sampling for Network Anomaly Detection

Facets (new session)
Description
Metadata
Settings
- owl:sameAs
- Inference Rule:

About: Optimizing Flow Sampling for Network Anomaly Detection Goto Sponge NotDistinct Permalink

An Entity of Type : http://linked.opendata.cz/ontology/domain/vavai/Vysledek, within Data Space : linked.opendata.cz associated with source document(s)

Attributes	Values
rdf:type	skos:Concept http://linked.opendata.cz/ontology/domain/vavai/Vysledek
Description	Sampling techniques are widely employed in high-speed network traffic monitoring to allow the analysis of high traffic volumes with limited resources. Sampling has measurable negative impact on the accuracy of network anomaly detection methods. In our work, we build an integrated model which puts the sampling into the context of the anomaly detection used in the subsequent processing. Using this model, we show that it is possible to perform very efficient sampling with limited impact on traffic feature distributions, thus minimizing the decrease of anomaly detection efficiency. Specifically, we propose an adaptive, feature-aware statistical sampling technique and compare it both formally and empirically with other known sampling techniques - random flow sampling and selective sampling. We study the impact of these sampling techniques on particular anomaly detection methods used in a network behavior analysis system. Sampling techniques are widely employed in high-speed network traffic monitoring to allow the analysis of high traffic volumes with limited resources. Sampling has measurable negative impact on the accuracy of network anomaly detection methods. In our work, we build an integrated model which puts the sampling into the context of the anomaly detection used in the subsequent processing. Using this model, we show that it is possible to perform very efficient sampling with limited impact on traffic feature distributions, thus minimizing the decrease of anomaly detection efficiency. Specifically, we propose an adaptive, feature-aware statistical sampling technique and compare it both formally and empirically with other known sampling techniques - random flow sampling and selective sampling. We study the impact of these sampling techniques on particular anomaly detection methods used in a network behavior analysis system. (en)
Title	Optimizing Flow Sampling for Network Anomaly Detection Optimizing Flow Sampling for Network Anomaly Detection (en)
skos:prefLabel	Optimizing Flow Sampling for Network Anomaly Detection Optimizing Flow Sampling for Network Anomaly Detection (en)
skos:notation	RIV/68407700:21230/11:00181849!RIV12-MSM-21230___
http://linked.open...avai/predkladatel	Fakulta elektrotechnická
http://linked.open...avai/riv/aktivita	P S
http://linked.open...avai/riv/aktivity	P(ME10051), P(MEB111008), S
http://linked.open...vai/riv/dodaniDat	2012
http://linked.open...aciTvurceVysledku	Rehák, Martin Bartoš, Karel
http://linked.open.../riv/druhVysledku	D - Článek ve sborníku
http://linked.open...iv/duvernostUdaju	S - Úplné a pravdivé údaje nepodléhající ochraně podle zvláštních právních předpisů
http://linked.open...titaPredkladatele	České vysoké učení technické v Praze / Fakulta elektrotechnická
http://linked.open...dnocenehoVysledku	218798
http://linked.open...ai/riv/idVysledku	RIV/68407700:21230/11:00181849
http://linked.open...riv/jazykVysledku	eng - angličtina
http://linked.open.../riv/klicovaSlova	NetFlow; sampling methods; anomaly detection; network traffic (en)
http://linked.open.../riv/klicoveSlovo	NetFlow sampling methods network traffic anomaly detection
http://linked.open...ontrolniKodProRIV	[E99FBA2CC6C2]
http://linked.open...v/mistoKonaniAkce	Istanbul
http://linked.open...i/riv/mistoVydani	Piscataway
http://linked.open...i/riv/nazevZdroje	Wireless Communications and Mobile Computing 2011
http://linked.open...in/vavai/riv/obor	JC
http://linked.open...ichTvurcuVysledku	2 (xsd:int)
http://linked.open...cetTvurcuVysledku	3 (xsd:int)
http://linked.open...vavai/riv/projekt	Distributed Heterogeneous Agent-Based Intrusion Detection System AnomalyNET: Anomaly detection enhanced honeypots
http://linked.open...UplatneniVysledku	2011
http://linked.open...iv/tvurceVysledku	Bartoš, Karel Rehák, Martin Krmíček, V.
http://linked.open...vavai/riv/typAkce	WRD - Světová
http://linked.open.../riv/zahajeniAkce	2011-07-05 (xsd:date)
number of pages	6 (xsd:int)
http://purl.org/ne...btex#hasPublisher	IEEE
https://schema.org/isbn	978-1-4244-9539-9
http://localhost/t...ganizacniJednotka	21230
is http://linked.open...avai/riv/vysledek of	Optimizing Flow Sampling for Network Anomaly Detection Optimizing Flow Sampling for Network Anomaly Detection

Faceted Search & Find service v1.16.118 as of Jun 21 2024

Alternative Linked Data Documents: ODE Content Formats:

RDF

ODATA

Microdata

About

OpenLink Virtuoso version 07.20.3240 as of Jun 21 2024, on Linux (x86_64-pc-linux-gnu), Single-Server Edition (126 GB total memory, 19 GB memory in use)
Data on this page belongs to its respective rights holders.
Virtuoso Faceted Browser Copyright © 2009-2024 OpenLink Software