RiskRank: Security risk ranking for IP flow records

Bibliographic details
Main authors: Shaonan Wang, State, Radu, Ourdane, Mohamed, Engel, Thomas
Format: Conference proceedings
Language: eng
Description
Summary: This paper considers the monitoring of large volumes of IP flow records, typically encountered on large ISP backbone/edge routers. The approach described in our paper aims to detect relevant flow records, where relevancy is related to overall traffic activity and associated applications. The core contribution of the paper consists in a dependency graph that leverages relationships between hosts, as well as flow-specific risk modeling. The risk model is constructed using well-known link analysis algorithms and application-specific signatures.
ISSN: 2165-9605
DOI: 10.1109/CNSM.2010.5691334