Back to University of Twente portal
Real-Time and Resilient Intrusion Detection: A Flow-Based Approach
Hofstede, Rick and Pras, Aiko (2012) Real-Time and Resilient Intrusion Detection: A Flow-Based Approach. In: TERENA Networking Conference 2012, 21-24 May 2012, Reykjavik, Iceland.
![[img]](http://doc.utwente.nl/style/images/fileicons/application_pdf.png)
| PDF (Poster) 3130Kb | |
| PDF (Abstract) 52Kb |
| Abstract: | Due to the demanding performance requirements of packet-based monitoring solutions on network equipment, flow-based intrusion detection systems will play an increasingly important role in current high-speed networks. The required technologies are already available and widely deployed: NetFlow and the newer IPFIX aggregate packets into flows and are applicable in networks with line speeds in excess of 1Gbit/s. Intrusion detection systems need to be modified in order to deal with the aggregated flow data. As such, we have to consider constraints on the real-time and accurate detection of intrusions, imposed by the nature of current flow monitoring technologies. This poster presents a framework for flow-based intrusion detection, aiming to detect intrusions in real-time, and to be resilient against negative effects of attacks on monitoring systems. |
| Item Type: | Conference or Workshop Item |
| Faculty: | Electrical Engineering, Mathematics and Computer Science (EEMCS) |
| Research Group: | |
| Link to this item: | http://purl.utwente.nl/publications/82079 |
| Official URL: | https://tnc2012.terena.org/core/poster/21 |
| Conference URL: | https://tnc2012.terena.org/ |
| Export this item as: | BibTeX EndNote HTML Citation Reference Manager |
Show download statistics for this publication
Show download statistics for this publicationRepository Staff Only: item control page