Flow-Based Compromise Detection: Lessons Learned

Rick Hofstede, Aiko Pras, Anna Sperotto, Gabi Dreo Rodosek

Research output: Contribution to journal (Article)

Abstract

Although the aggregated nature of exported flow data provides many advantages in terms of privacy and scalability, flow data may contain artifacts that impair data analysis. In this article, we investigate the differences between flow data analysis in theory and practice — that is, in lab environments and production networks.
Language: English
Pages: 82-89
Journal: IEEE security & privacy
Volume: 16
Issue number: 1
DOI: 10.1109/MSP.2018.1331021
State: Published - Jan 2018

Fingerprint

Data flow analysis
compromise
Scalability
data analysis
privacy
artifact

Cite this

Hofstede, Rick ; Pras, Aiko ; Sperotto, Anna ; Dreo Rodosek, Gabi. / Flow-Based Compromise Detection : Lessons Learned. In: IEEE security & privacy. 2018 ; Vol. 16, No. 1. pp. 82-89
@article{cf6bc4e4ad1e477cafce8c5b6e1204c4,
title = "Flow-Based Compromise Detection: Lessons Learned",
abstract = "Although the aggregated nature of exported flow data provides many advantages in terms of privacy and scalability, flow data may contain artifacts that impair data analysis. In this article, we investigate the differences between flow data analysis in theory and practice — that is, in lab environments and production networks.",
author = "Rick Hofstede and Aiko Pras and Anna Sperotto and {Dreo Rodosek}, Gabi",
year = "2018",
month = "1",
doi = "10.1109/MSP.2018.1331021",
language = "English",
volume = "16",
pages = "82--89",
journal = "IEEE security & privacy",
issn = "1540-7993",
publisher = "Institute of Electrical and Electronics Engineers",
number = "1",

}
