Wang et al., 2014 - Google Patents
A new sketch method for measuring host connection degree distributionWang et al., 2014
- Document ID
- 930256280049897270
- Author
- Wang P
- Guan X
- Zhao J
- Tao J
- Qin T
- Publication year
- Publication venue
- IEEE transactions on information forensics and security
External Links
Snippet
The host connection degree distribution (HCDD) is an important metric for network security monitoring. However, it is difficult to accurately obtain the HCDD in real time for high-speed links with a massive amount of traffic data. In this paper, we propose a new sketch method to …
- 238000005070 sampling 0 abstract description 31
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/26—Monitoring arrangements; Testing arrangements
- H04L12/2602—Monitoring arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/02—Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data
- H04L43/026—Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data using flow generation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/06—Report generation
- H04L43/062—Report generation for traffic related reporting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance or administration or management of packet switching networks
- H04L41/14—Arrangements for maintenance or administration or management of packet switching networks involving network analysis or design, e.g. simulation, network model or planning
- H04L41/142—Arrangements for maintenance or administration or management of packet switching networks involving network analysis or design, e.g. simulation, network model or planning using statistical or mathematical methods
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/12—Arrangements for monitoring or testing packet switching networks using dedicated network monitoring probes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/08—Monitoring based on specific metrics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/10—Arrangements for monitoring or testing packet switching networks using active monitoring, e.g. heartbeat protocols, polling, ping, trace-route
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/16—Arrangements for monitoring or testing packet switching networks using threshold monitoring
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Wang et al. | Delving into internet DDoS attacks by botnets: characterization and analysis | |
| Wang et al. | A new sketch method for measuring host connection degree distribution | |
| Schweller et al. | Reversible sketches for efficient and accurate change detection over network data streams | |
| Yeung et al. | Covariance-matrix modeling and detecting various flooding attacks | |
| Wang et al. | A data streaming method for monitoring host connection degrees of high-speed links | |
| Yoon et al. | Fit a compact spread estimator in small high-speed memory | |
| Lappas et al. | Data mining techniques for (network) intrusion detection systems | |
| Soundararaj et al. | Estimating real-time high-street footfall from Wi-Fi probe requests | |
| Huang et al. | An efficient k-persistent spread estimator for traffic measurement in high-speed networks | |
| CN105577679A (en) | Method for detecting anomaly traffic based on feature selection and density peak clustering | |
| Huang et al. | You Can Drop but You Can't Hide: $ K $-persistent Spread Estimation in High-speed Networks | |
| Zhou et al. | Persistent spread measurement for big network data based on register intersection | |
| Callegari et al. | A methodological overview on anomaly detection | |
| Han et al. | Applications of sketches in network traffic measurement: A survey | |
| CN106878314B (en) | Network malicious behavior detection method based on credibility | |
| Mahmood et al. | Critical infrastructure protection: Resource efficient sampling to improve detection of less frequent patterns in network traffic | |
| Patcha et al. | Network anomaly detection with incomplete audit data | |
| Garasia et al. | HTTP botnet detection using frequent patternset mining | |
| Malik et al. | IoT-Sentry: A cross-layer-based intrusion detection system in standardized Internet of Things | |
| Vieira et al. | Model order selection and eigen similarity based framework for detection and identification of network attacks | |
| Qin et al. | A new connection degree calculation and measurement method for large scale network monitoring | |
| Tudor et al. | Harnessing the unknown in advanced metering infrastructure traffic | |
| Kim et al. | A new approach to multivariate network traffic analysis | |
| Wang et al. | Virtual indexing based methods for estimating node connection degrees | |
| Shaman et al. | User profiling based on application-level using network metadata |