Improving Host Profiling With Bidirectional Flows
Authors | |
---|---|
Year of publication | 2009 |
Type | Article in Proceedings |
Conference | 2009 International Conference on Computational Science and Engineering |
MU Faculty or unit | |
Citation | |
Field | Informatics |
Keywords | behavior profiling;network traffic analysis;bidirectional flows |
Description | We present an approach to network devices behavior profiling based on NetFlow monitoring and a bidirectional flows extension. Behavior profiles of network devices typically focus on communicating peers, amount of traffic and traffic structure. However, using an implementation of the bidirectional flows standard we are able to distinguish between servers, clients and single flows directly which increases the profile quality. |
Related projects: |