Nothing Special   »   [go: up one dir, main page]

Venkataraman et al., 2005 - Google Patents

New streaming algorithms for fast detection of superspreaders.

Venkataraman et al., 2005

View PDF
Document ID
2333689017758140052
Author
Venkataraman S
Song D
Gibbons P
Blum A
Publication year
Publication venue
NDSS

External Links

Snippet

High-speed monitoring of Internet traffic is an important and challenging problem, with applications to real-time attack detection and mitigation, traffic engineering, etc. However, packet-level monitoring requires fast streaming algorithms that use very little memory space …
Continue reading at reports-archive.adm.cs.cmu.edu (PDF) (other versions)

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1458Denial of Service
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing packet switching networks
    • H04L43/02Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data
    • H04L43/026Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data using flow generation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/26Monitoring arrangements; Testing arrangements
    • H04L12/2602Monitoring arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing packet switching networks
    • H04L43/16Arrangements for monitoring or testing packet switching networks using threshold monitoring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing packet switching networks
    • H04L43/08Monitoring based on specific metrics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/74Address processing for routing
    • H04L45/745Address table lookup or address filtering
    • H04L45/7453Address table lookup or address filtering using hashing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing packet switching networks
    • H04L43/06Report generation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • H04L63/0218Distributed architectures, e.g. distributed firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing packet switching networks
    • H04L43/10Arrangements for monitoring or testing packet switching networks using active monitoring, e.g. heartbeat protocols, polling, ping, trace-route
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic regulation in packet switching networks
    • H04L47/10Flow control or congestion control
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance or administration or management of packet switching networks

Similar Documents

Publication Publication Date Title
Venkataraman et al. New streaming algorithms for fast detection of superspreaders.
Fisk et al. Applying fast string matching to intrusion detection
Fisk et al. Fast content-based packet handling for intrusion detection
EP3905622A1 (en) Botnet detection method and system, and storage medium
Lahiri et al. Space-efficient tracking of persistent items in a massive data stream
Xu et al. ELDA: Towards efficient and lightweight detection of cache pollution attacks in NDN
Mahmood et al. Critical infrastructure protection: Resource efficient sampling to improve detection of less frequent patterns in network traffic
Patcha et al. Network anomaly detection with incomplete audit data
Sharma et al. On selection of attributes for entropy based detection of DDoS
Jaaz et al. Database techniques for resilient network monitoring and inspection
Scherrer et al. Low-rate overuse flow tracer (loft): An efficient and scalable algorithm for detecting overuse flows
Li et al. Scan detection in high-speed networks based on optimal dynamic bit sharing
Jia et al. Loglog filter: Filtering cold items within a large range over high speed data streams
Bin et al. A NetFlow based flow analysis and monitoring system in enterprise networks
Shi et al. Cuckoo counter: Adaptive structure of counters for accurate frequency and top-k estimation
Reviriego et al. Pollution attacks on counting bloom filters for black box adversaries
Locher Finding heavy distinct hitters in data streams
Chen et al. Persistent items tracking in large data streams based on adaptive sampling
Braun et al. Packet sampling for worm and botnet detection in TCP connections
AT&T
Meng et al. Single character frequency-based exclusive signature matching scheme
Zhang et al. Identifying heavy hitters in high-speed network monitoring
Chang et al. A flow-based anomaly detection method using entropy and multiple traffic features
Sun et al. More accurate and fast SYN flood detection
Divakaran et al. REX: Resilient and efficient data structure for tracking network flows