Flow-Based Compromise Detection: Lessons Learned

Rick Hofstede; Aiko  Pras; Anna  Sperotto; Gabi Dreo Rodosek

doi:10.1109/MSP.2018.1331021

Flow-Based Compromise Detection: Lessons Learned

Rick Hofstede (Corresponding Author), Aiko Pras (Corresponding Author), Anna Sperotto, Gabi Dreo Rodosek

Research output: Contribution to journal › Article › Academic › peer-review

12 Citations (Scopus)

132 Downloads (Pure)

Abstract

Although the aggregated nature of exported flow data provides many advantages in terms of privacy and scalability, flow data may contain artifacts that impair data analysis. In this article, we investigate the differences between flow data analysis in theory and practice — that is, in lab environments and production networks.

Original language	English
Article number	8283485
Pages (from-to)	82-89
Number of pages	8
Journal	IEEE security & privacy
Volume	16
Issue number	1
Early online date	6 Feb 2018
DOIs	https://doi.org/10.1109/MSP.2018.1331021
Publication status	Published - 16 Dec 2018

Access to Document

10.1109/MSP.2018.1331021

Hofstede2018flow-basedFinal published version, 244 KBLicence: Taverne

Cite this

@article{cf6bc4e4ad1e477cafce8c5b6e1204c4,

title = "Flow-Based Compromise Detection: Lessons Learned",

abstract = "Although the aggregated nature of exported flow data provides many advantages in terms of privacy and scalability, flow data may contain artifacts that impair data analysis. In this article, we investigate the differences between flow data analysis in theory and practice — that is, in lab environments and production networks.",

author = "Rick Hofstede and Aiko Pras and Anna Sperotto and {Dreo Rodosek}, Gabi",

year = "2018",

month = dec,

day = "16",

doi = "10.1109/MSP.2018.1331021",

language = "English",

volume = "16",

pages = "82--89",

journal = "IEEE security & privacy",

issn = "1540-7993",

publisher = "IEEE",

number = "1",

}

TY - JOUR

T1 - Flow-Based Compromise Detection

T2 - Lessons Learned

AU - Hofstede, Rick

AU - Pras, Aiko

AU - Sperotto, Anna

AU - Dreo Rodosek, Gabi

PY - 2018/12/16

Y1 - 2018/12/16

N2 - Although the aggregated nature of exported flow data provides many advantages in terms of privacy and scalability, flow data may contain artifacts that impair data analysis. In this article, we investigate the differences between flow data analysis in theory and practice — that is, in lab environments and production networks.

AB - Although the aggregated nature of exported flow data provides many advantages in terms of privacy and scalability, flow data may contain artifacts that impair data analysis. In this article, we investigate the differences between flow data analysis in theory and practice — that is, in lab environments and production networks.

U2 - 10.1109/MSP.2018.1331021

DO - 10.1109/MSP.2018.1331021

M3 - Article

VL - 16

SP - 82

EP - 89

JO - IEEE security & privacy

JF - IEEE security & privacy

SN - 1540-7993

IS - 1

M1 - 8283485

ER -

Flow-Based Compromise Detection: Lessons Learned

Abstract

Access to Document

Fingerprint

Cite this