Use this resource - and many more! - in your textbook!
AcademicPub holds over eight million pieces of educational content for you to mix-and-match your way.
An Overview of IP Flow-Based Intrusion Detection
2010 / IEEE
This item was taken from the IEEE Periodical ' An Overview of IP Flow-Based Intrusion Detection ' Intrusion detection is an important area of research. Traditionally, the approach taken to find attacks is to inspect the contents of every packet. However, packet inspection cannot easily be performed at high-speeds. Therefore, researchers and operators started investigating alternative approaches, such as flow-based intrusion detection. In that approach the flow of data through the network is analyzed, instead of the contents of each individual packet. The goal of this paper is to provide a survey of current research in the area of flow-based intrusion detection. The survey starts with a motivation why flow-based intrusion detection is needed. The concept of flows is explained, and relevant standards are identified. The paper provides a classification of attacks and defense techniques and shows how flow-based techniques can be used to detect scans, worms, Botnets and (DoS) attacks.
Ip Flow Based Intrusion Detection
Data Flow Analysis
Computer Network Security
Communication, Networking And Broadcast Technologies