BIBLIOS

  Sistema de Gestão de Referências Bibliográficas de Ciências

Modo Visitante (Login)
Need help?


Voltar

Detalhes Referência

Tipo
Artigos em Conferência

Tipo de Documento
Resumo Extendido

Título
Speeding Up Network Intrusion Detection

Participantes na publicação
João Romeiras Amado (Author)
INSTITUTO SUPERIOR TÉCNICO
Salvatore Signorello (Author)
FACULDADE DE CIÊNCIAS DA UNIVERSIDADE DE LISBOA
Dep. Informática
Miguel Correia (Author)
INSTITUTO SUPERIOR TÉCNICO
Fernando M. V. Ramos (Author)
INSTITUTO SUPERIOR TÉCNICO

Resumo
Modern network data planes have enabled new measurement approaches, including efficient sketch-based techniques with provable trade-offs between memory and accuracy, directly in the data plane, at line rate. We thus ask the question: can one leverage this richer measurement plane to improve network intrusion detection? Our answer is SPID, a push-based, feature-rich network monitoring approach to assist learning-based attack detection. SPID switches run a diverse set of measurement primitives and proactively push measurements to the monitoring system when relevant changes occur. Network measurements are then fed as input features to a classifier based on unsupervised learning to detect ongoing attacks, as they occur. In consequence, SPID aims to reduce attack detection time, when comparing to existing solutions present in large scale networks.

Data de Publicação
2020-10-13

Evento
2020 IEEE 28th International Conference on Network Protocols (ICNP)

Identificadores da Publicação
ISSN - 9781728169927

Editora
IEEE

Número de Páginas
2

Identificadores do Documento
DOI - https://doi.org/10.1109/ICNP49622.2020.9259349

Keywords
NIDS programmable data planes sketches


Exportar referência

APA
João Romeiras Amado, Salvatore Signorello, Miguel Correia, Fernando M. V. Ramos, (2020). Speeding Up Network Intrusion Detection. 2020 IEEE 28th International Conference on Network Protocols (ICNP), -

IEEE
João Romeiras Amado, Salvatore Signorello, Miguel Correia, Fernando M. V. Ramos, "Speeding Up Network Intrusion Detection" in 2020 IEEE 28th International Conference on Network Protocols (ICNP), , 2020, pp. -, doi: 10.1109/ICNP49622.2020.9259349

BIBTEX
@InProceedings{47487, author = {João Romeiras Amado and Salvatore Signorello and Miguel Correia and Fernando M. V. Ramos}, title = {Speeding Up Network Intrusion Detection}, booktitle = {2020 IEEE 28th International Conference on Network Protocols (ICNP)}, year = 2020, pages = {-}, address = {}, publisher = {IEEE} }