The Library
Challenges in identifying network attacks using Netflow data
Tools
Chuah, Edward, Suri, Neeraj, Jhumka, Arshad and Alt, Samantha (2022) Challenges in identifying network attacks using Netflow data. In: 2021 IEEE 20th International Symposium on Network Computing and Applications (NCA), Boston, MA, USA, 23-26 Nov 2021. Published in: Proceedings of the 2021 IEEE 20th International Symposium on Network Computing and Applications (NCA) pp. 1-10. ISBN 9781665495509. doi:10.1109/NCA53618.2021.9685305 ISSN 2643-7929.
Research output not available from this repository.
Request-a-Copy directly from author or use local Library Get it For Me service.
Official URL: http://dx.doi.org/10.1109/NCA53618.2021.9685305
Abstract
Large networks often encounter attacks that can affect the network availability. While multiple techniques exist to detect network attacks, a comprehensive understanding of how an attack occurs considering the various layers and components of the network software stack, can be an important element to help improve network security. By performing correlation analysis on contemporary unlabeled Netflow data, this paper conducts a comprehensive study of network flow events to identify communication patterns that may precede an attack, thereby providing potentially useful attack signatures to network administrators. Our work shows that, surprisingly, the Netflow data is not strongly correlated to network attacks. We observe that while spoof requests trigger reflection attacks, only a small percentage of the network packets are associated with the attack. Furthermore, lead time enhancements are feasible for reflection attacks that show long dwell times. Our study on network event correlations highlights empirical observations that could facilitate better attack handling in large networks.
Item Type: | Conference Item (Paper) | |||||||||
---|---|---|---|---|---|---|---|---|---|---|
Divisions: | Faculty of Science, Engineering and Medicine > Science > Computer Science | |||||||||
Journal or Publication Title: | Proceedings of the 2021 IEEE 20th International Symposium on Network Computing and Applications (NCA) | |||||||||
Publisher: | IEEE | |||||||||
ISBN: | 9781665495509 | |||||||||
ISSN: | 2643-7929 | |||||||||
Book Title: | 2021 IEEE 20th International Symposium on Network Computing and Applications (NCA) | |||||||||
Official Date: | 31 January 2022 | |||||||||
Dates: |
|
|||||||||
Page Range: | pp. 1-10 | |||||||||
DOI: | 10.1109/NCA53618.2021.9685305 | |||||||||
Status: | Peer Reviewed | |||||||||
Publication Status: | Published | |||||||||
Reuse Statement (publisher, data, author rights): | © 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. | |||||||||
Access rights to Published version: | Restricted or Subscription Access | |||||||||
Copyright Holders: | IEEE | |||||||||
RIOXX Funder/Project Grant: |
|
|||||||||
Conference Paper Type: | Paper | |||||||||
Title of Event: | 2021 IEEE 20th International Symposium on Network Computing and Applications (NCA) | |||||||||
Type of Event: | Conference | |||||||||
Location of Event: | Boston, MA, USA | |||||||||
Date(s) of Event: | 23-26 Nov 2021 |
Request changes or add full text files to a record
Repository staff actions (login required)
View Item |