Machine Learning Approach for IP-Flow Record Anomaly Detection

Machine Learning Approach for IP-Flow Record Anomaly Detection,10.1007/978-3-642-20757-0_3,Cynthia Wagner,Jérôme François,Radu State,Thomas Engel

Machine Learning Approach for IP-Flow Record Anomaly Detection   (Citations: 1)
BibTex | RIS | RefWorks Download
Faced to continuous arising new threats, the detection of anomalies in current operational networks has become essential. Network operators have to deal with huge data volumes for analysis purpose. To counter this main issue, dealing with IP flow (also known as Netflow) records is common in network management. However, still in modern networks, Netflow records represent high volume of data. In this paper, we present an approach for evaluating Netflow records by referring to a method of temporal aggregation applied to Machine Learning techniques. We present an approach that leverages support vector machines in order to analyze large volumes of Netflow records. Our approach is using a special kernel function, that takes into account both the contextual and the quantitative information of Netflow records. We assess the viability of our method by practical experimentation on data volumes provided by a major internet service provider in Luxembourg.
Conference: Networking - Networking , pp. 28-39, 2011
Cumulative Annual
View Publication
The following links allow you to view full publications. These links are maintained by other sources not affiliated with Microsoft Academic Search.
Sort by: