BIBLIOS

   Ciências References Management System

Visitor Mode (Login)
Need help?


Back

Publication details

Document type
Conference papers

Document subtype
Extended abstract/Short paper

Title
Speeding Up Network Intrusion Detection

Participants in the publication
João Romeiras Amado (Author)
INSTITUTO SUPERIOR TÉCNICO
 Salvatore Signorello (Author)
FACULDADE DE CIÊNCIAS DA UNIVERSIDADE DE LISBOA
 Dep. Informática
 Miguel Correia (Author)
INSTITUTO SUPERIOR TÉCNICO
 Fernando M. V. Ramos (Author)
INSTITUTO SUPERIOR TÉCNICO
Summary
Modern network data planes have enabled new measurement approaches, including efficient sketch-based techniques with provable trade-offs between memory and accuracy, directly in the data plane, at line rate. We thus ask the question: can one leverage this richer measurement plane to improve network intrusion detection? Our answer is SPID, a push-based, feature-rich network monitoring approach to assist learning-based attack detection. SPID switches run a diverse set of measurement primitives and proactively push measurements to the monitoring system when relevant changes occur. Network measurements are then fed as input features to a classifier based on unsupervised learning to detect ongoing attacks, as they occur. In consequence, SPID aims to reduce attack detection time, when comparing to existing solutions present in large scale networks.

Date of Publication
2020-10-13

Event
2020 IEEE 28th International Conference on Network Protocols (ICNP)

Publication Identifiers
ISSN - 9781728169927

Publisher
IEEE

Number of pages
2

Document Identifiers
DOI - https://doi.org/10.1109/ICNP49622.2020.9259349

Keywords
NIDS programmable data planes sketches


Export

APA
João Romeiras Amado, Salvatore Signorello, Miguel Correia, Fernando M. V. Ramos, (2020). Speeding Up Network Intrusion Detection. 2020 IEEE 28th International Conference on Network Protocols (ICNP), -

IEEE
João Romeiras Amado, Salvatore Signorello, Miguel Correia, Fernando M. V. Ramos, "Speeding Up Network Intrusion Detection" in 2020 IEEE 28th International Conference on Network Protocols (ICNP), , 2020, pp. -, doi: 10.1109/ICNP49622.2020.9259349

BIBTEX
@InProceedings{47487, author = {João Romeiras Amado and Salvatore Signorello and Miguel Correia and Fernando M. V. Ramos}, title = {Speeding Up Network Intrusion Detection}, booktitle = {2020 IEEE 28th International Conference on Network Protocols (ICNP)}, year = 2020, pages = {-}, address = {}, publisher = {IEEE} }