TY - GEN
T1 - Real-Time and Resilient Intrusion Detection: A Flow-Based Approach
AU - Hofstede, R.J.
AU - Pras, Aiko
N1 - 10.1007/978-3-642-30633-4_13
PY - 2012/6
Y1 - 2012/6
N2 - Flow-based intrusion detection will play an important role in high-speed networks, due to the stringent performance requirements of packet-based solutions. Flow monitoring technologies, such as NetFlow or IPFIX, aggregate individual packets into flows, requiring new intrusion detection algorithms to deal with the aggregated data. These algorithms are subject to constraints on real-time and accurate detection of intrusions, due to the nature of current flow monitoring technologies. In this paper, we propose a framework for flow-based intrusion detection, aiming to detect intrusions in real-time, and to be resilient against negative effects of attacks on monitoring systems. This research is still in its initial phase and will contribute to a Ph.D. thesis after four years.
AB - Flow-based intrusion detection will play an important role in high-speed networks, due to the stringent performance requirements of packet-based solutions. Flow monitoring technologies, such as NetFlow or IPFIX, aggregate individual packets into flows, requiring new intrusion detection algorithms to deal with the aggregated data. These algorithms are subject to constraints on real-time and accurate detection of intrusions, due to the nature of current flow monitoring technologies. In this paper, we propose a framework for flow-based intrusion detection, aiming to detect intrusions in real-time, and to be resilient against negative effects of attacks on monitoring systems. This research is still in its initial phase and will contribute to a Ph.D. thesis after four years.
KW - METIS-287905
KW - EWI-21998
KW - EC Grant Agreement nr.: FP7/257513
KW - IR-80709
U2 - 10.1007/978-3-642-30633-4_13
DO - 10.1007/978-3-642-30633-4_13
M3 - Conference contribution
SN - 978-3-642-30632-7
T3 - Lecture Notes in Computer Science
SP - 109
EP - 112
BT - Proceedings of the 6th International Conference on Autonomous Infrastructure, Management, and Security (AIMS 2012)
PB - Springer
CY - Berlin
T2 - 6th International Conference on Autonomous Infrastructure, Management, and Security, AIMS 2012
Y2 - 4 June 2012 through 8 June 2012
ER -