Situational Awareness and Network Traffic Analysis

  • Conference paper
Cyberspace Security and Defense: Research Issues

Part of the book series: NATO Science Series II: Mathematics, Physics and Chemistry (NAII, volume 196)

Abstract

As network traffic increases, the problems associated with monitoring and analyzing the traffic on high-speed networks become increasingly difficult. In this paper, we consider a variety of techniques for analyzing such data and using it to develop a variety of network views that reflect the status of the monitored environment. The power of the monitoring approach and the analysis techniques is such that it is possible, on one hand, to identify network-wide phenomena, and, on the other, to look at the behavior of individual network hosts.

This material is based upon work partially supported by the National Science Foundation under Grant No. 0326472. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation. This work is also supported by the Army Research Office through grant number DAAD190210389 (“Perpetually Available and Secure Information Systems”) to CyLab at Carnegie Mellon University. The first author's participation in the workshop where the material on which this paper is based was presented was partially supported by NATO.

© 2005 Springer

About this paper

Cite this paper

McHugh, J., Gates, C., Becknel, D. (2005). Situational Awareness and Network Traffic Analysis. In: Kowalik, J.S., Gorski, J., Sachenko, A. (eds) Cyberspace Security and Defense: Research Issues. NATO Science Series II: Mathematics, Physics and Chemistry, vol 196. Springer, Dordrecht. https://doi.org/10.1007/1-4020-3381-8_12

  • DOI: https://doi.org/10.1007/1-4020-3381-8_12

  • Publisher Name: Springer, Dordrecht

  • Print ISBN: 978-1-4020-3379-7

  • Online ISBN: 978-1-4020-3381-0

  • eBook Packages: Computer Science (R0)