Using of Flow Statistics for Improvement of Protocol Detection
Authors | |
---|---|
Year of publication | 2011 |
Type | Article in Proceedings |
Conference | Security and Protection of Information 2011 |
MU Faculty or unit | |
Citation | |
Field | Informatics |
Keywords | NetFlow IPFIX protocol detection SSH clustering inter-packet gaps |
Description | This paper describes a protocol detection using statistic information about a flow extended by packet sizes and time characteristics about inter-packet gaps. The data is processed by QT clustering algorithm which divides flows into specific groups. |
Related projects: |