Real-Time and Resilient Intrusion Detection: A Flow-Based Approach

R.J. Hofstede, Aiko Pras

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    6 Citations (Scopus)
    60 Downloads (Pure)

    Abstract

    Flow-based intrusion detection will play an important role in high-speed networks, due to the stringent performance requirements of packet-based solutions. Flow monitoring technologies, such as NetFlow or IPFIX, aggregate individual packets into flows, requiring new intrusion detection algorithms to deal with the aggregated data. These algorithms are subject to constraints on real-time and accurate detection of intrusions, due to the nature of current flow monitoring technologies. In this paper, we propose a framework for flow-based intrusion detection, aiming to detect intrusions in real-time, and to be resilient against negative effects of attacks on monitoring systems. This research is still in its initial phase and will contribute to a Ph.D. thesis after four years.
    Original languageUndefined
    Title of host publicationProceedings of the 6th International Conference on Autonomous Infrastructure, Management, and Security (AIMS 2012)
    Place of PublicationBerlin
    PublisherSpringer
    Pages109-112
    Number of pages4
    ISBN (Print)978-3-642-30632-7
    DOIs
    Publication statusPublished - Jun 2012

    Publication series

    NameLecture Notes in Computer Science
    PublisherSpringer Verlag
    Volume7279
    ISSN (Print)0302-9743
    ISSN (Electronic)1611-3349

    Keywords

    • METIS-287905
    • EWI-21998
    • EC Grant Agreement nr.: FP7/257513
    • IR-80709

    Cite this