Abstract
As network traffic increases, the problems associated with monitoring and analyzing the traffic on high-speed networks become increasingly difficult. In this paper, we consider a variety of techniques for analyzing such data and using it to develop a variety of network views that reflect the status of the monitored environment. The power of the monitoring approach and the analysis techniques is such that it is possible, on one hand, to identify network-wide phenomena, and, on the other, to look at the behavior of individual network hosts.
This material is based upon work partially supported by the National Science Foundation under Grant No. 0326472. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation. This work is also supported by the Army Research Office through grant number DAAD190210389 (“Perpetually Available and Secure Information Systems”) to CyLab at Carnegie Mellon University. The first author's participation in the workshop where the material on which this paper is based was presented was partially supported by NATO.
Copyright information
© 2005 Springer
About this paper
Cite this paper
McHugh, J., Gates, C., Becknel, D. (2005). Situational Awareness and Network Traffic Analysis. In: Kowalik, J.S., Gorski, J., Sachenko, A. (eds) Cyberspace Security and Defense: Research Issues. NATO Science Series II: Mathematics, Physics and Chemistry, vol 196. Springer, Dordrecht. https://doi.org/10.1007/1-4020-3381-8_12
DOI: https://doi.org/10.1007/1-4020-3381-8_12
Publisher Name: Springer, Dordrecht
Print ISBN: 978-1-4020-3379-7
Online ISBN: 978-1-4020-3381-0
eBook Packages: Computer Science (R0)