Publikation:

Interactive Analysis of NetFlows for Misuse Detection in Large IP Networks

Vorschaubild

Dateien

Mansmann_2009_InteractiveAnalysis.pdf
Mansmann_2009_InteractiveAnalysis.pdfGröße: 4.08 MBDownloads: 358

Datum

2009

Autor:innen

Pietzko, Stephan

Herausgeber:innen

Kontakt

ISSN der Zeitschrift

Electronic ISSN

ISBN

Bibliografische Daten

Verlag

Schriftenreihe

Auflagebezeichnung

URI (zitierfähiger Link)
http://nbn-resolving.de/urn:nbn:de:bsz:352-opus-87939
DOI (zitierfähiger Link)
ArXiv-ID

Internationale Patentnummer

Link zur Lizenz
Urheberrechtlich geschützt

Angaben zur Forschungsförderung

Projekt

Open Access-Veröffentlichung
Open Access Green

Sammlungen

Informatik und Informationswissenschaft: Publikationen
Core Facility der Universität Konstanz

Gesperrt bis

Titel in einer weiteren Sprache

Publikationstyp
Beitrag zu einem Sammelband
Publikationsstatus
Published

Erschienen in

MÜLLER, Paul, ed.. 2. DFN-Forum Kommunikationstechnik : Verteilte Systeme im Wissenschaftsbereich ; 27.05. - 28.05.2009 in München. Bonn: Gesellschaft für Informatik, 2009, pp. 115-124. GI-Edition - Lecture Notes in Informatics. 149. ISBN 978-3-88579-243-7

Zusammenfassung

While more and more applications require higher network bandwidth, there is also a tendency that large portions of this bandwidth are misused for dubious purposes, such as unauthorized VoIP, file sharing, or criminal botnet activity. Automatic intrusion detection methods can detect a large portion of such misuse, but novel patterns can only be detected by humans. Moreover, interpretation of large amounts of alerts imposes new challenges on the analysts. The goal of this paper is to present the visual analysis system NFlowVis to interactively detect unwanted usage of the network infrastructure either by pivoting NetFlows using lDS a1erts or by specifying usage patterns, such as sets of suspicious port numbers. Thereby, our work focuses on providing a scalable approach to store and retrieve large quantities of NetFlows by means of a database management system.

Zusammenfassung in einer weiteren Sprache

Fachgebiet (DDC)
004 Informatik

Schlagwörter

Konferenz

Rezension
undefined / . - undefined, undefined

Forschungsvorhaben

Organisationseinheiten

Zeitschriftenheft

Zugehörige Datensätze in KOPS

Zitieren

ISO 690MANSMANN, Florian, Fabian FISCHER, Daniel A. KEIM, Stephan PIETZKO, Marcel WALDVOGEL, 2009. Interactive Analysis of NetFlows for Misuse Detection in Large IP Networks. In: MÜLLER, Paul, ed.. 2. DFN-Forum Kommunikationstechnik : Verteilte Systeme im Wissenschaftsbereich ; 27.05. - 28.05.2009 in München. Bonn: Gesellschaft für Informatik, 2009, pp. 115-124. GI-Edition - Lecture Notes in Informatics. 149. ISBN 978-3-88579-243-7
BibTex
@incollection{Mansmann2009Inter-5752,
  year={2009},
  title={Interactive Analysis of NetFlows for Misuse Detection in Large IP Networks},
  number={149},
  isbn={978-3-88579-243-7},
  publisher={Gesellschaft für Informatik},
  address={Bonn},
  series={GI-Edition - Lecture Notes in Informatics},
  booktitle={2. DFN-Forum Kommunikationstechnik  :  Verteilte Systeme im Wissenschaftsbereich  ;  27.05.  - 28.05.2009 in München},
  pages={115--124},
  editor={Müller, Paul},
  author={Mansmann, Florian and Fischer, Fabian and Keim, Daniel A. and Pietzko, Stephan and Waldvogel, Marcel}
}
RDF
<rdf:RDF
    xmlns:dcterms="http://purl.org/dc/terms/"
    xmlns:dc="http://purl.org/dc/elements/1.1/"
    xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
    xmlns:bibo="http://purl.org/ontology/bibo/"
    xmlns:dspace="http://digital-repositories.org/ontologies/dspace/0.1.0#"
    xmlns:foaf="http://xmlns.com/foaf/0.1/"
    xmlns:void="http://rdfs.org/ns/void#"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema#" > 
  <rdf:Description rdf:about="https://kops.uni-konstanz.de/server/rdf/resource/123456789/5752">
    <dcterms:title>Interactive Analysis of NetFlows for Misuse Detection in Large IP Networks</dcterms:title>
    <dcterms:bibliographicCitation>First publ. in: 2. DFN-Forum Kommunikationstechnik : Verteilte Systeme im Wissenschaftsbereich ; 27.05. - 28.05.2009 in München / Müller, Paul (Hrsg.). - Bonn: Gesellschaft für Informatik, 2009. - (GI-Edition - Lecture Notes in Informatics ; 149). - pp. 115-124. - ISBN 978-3-88579-243-7</dcterms:bibliographicCitation>
    <dc:contributor>Pietzko, Stephan</dc:contributor>
    <dc:language>eng</dc:language>
    <dcterms:abstract xml:lang="eng">While more and more applications require higher network bandwidth, there is also a tendency that large portions of this bandwidth are misused for dubious purposes, such as unauthorized VoIP, file sharing, or criminal botnet activity. Automatic intrusion detection methods can detect a large portion of such misuse, but novel patterns can only be detected by humans. Moreover, interpretation of large amounts of alerts imposes new challenges on the analysts. The goal of this paper is to present the visual analysis system NFlowVis to interactively detect unwanted usage of the network infrastructure either by pivoting NetFlows using lDS a1erts or by specifying usage patterns, such as sets of suspicious port numbers. Thereby, our work focuses on providing a scalable approach to store and retrieve large quantities of NetFlows by means of a database management system.</dcterms:abstract>
    <dc:creator>Waldvogel, Marcel</dc:creator>
    <dc:contributor>Keim, Daniel A.</dc:contributor>
    <dcterms:available rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2011-03-24T15:59:49Z</dcterms:available>
    <dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/>
    <bibo:uri rdf:resource="http://kops.uni-konstanz.de/handle/123456789/5752"/>
    <void:sparqlEndpoint rdf:resource="http://localhost/fuseki/dspace/sparql"/>
    <dc:creator>Mansmann, Florian</dc:creator>
    <dc:contributor>Mansmann, Florian</dc:contributor>
    <dspace:hasBitstream rdf:resource="https://kops.uni-konstanz.de/bitstream/123456789/5752/1/Mansmann_2009_InteractiveAnalysis.pdf"/>
    <dc:format>application/pdf</dc:format>
    <foaf:homepage rdf:resource="http://localhost:8080/"/>
    <dc:creator>Fischer, Fabian</dc:creator>
    <dc:rights>terms-of-use</dc:rights>
    <dcterms:issued>2009</dcterms:issued>
    <dc:creator>Keim, Daniel A.</dc:creator>
    <dcterms:hasPart rdf:resource="https://kops.uni-konstanz.de/bitstream/123456789/5752/1/Mansmann_2009_InteractiveAnalysis.pdf"/>
    <dc:contributor>Fischer, Fabian</dc:contributor>
    <dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/server/rdf/resource/123456789/36"/>
    <dcterms:rights rdf:resource="https://rightsstatements.org/page/InC/1.0/"/>
    <dc:contributor>Waldvogel, Marcel</dc:contributor>
    <dc:creator>Pietzko, Stephan</dc:creator>
    <dc:date rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2011-03-24T15:59:49Z</dc:date>
  </rdf:Description>
</rdf:RDF>

Interner Vermerk

xmlui.Submission.submit.DescribeStep.inputForms.label.kops_note_fromSubmitter

Kontakt
URL der Originalveröffentl.

Prüfdatum der URL

Prüfungsdatum der Dissertation

Finanzierungsart

Kommentar zur Publikation

Allianzlizenz
Corresponding Authors der Uni Konstanz vorhanden
Internationale Co-Autor:innen
Universitätsbibliographie
Ja
Begutachtet
Diese Publikation teilen