Abstract:
Busy networks today cannot afford to log all traffic traversing them, and consequently many network-monitoring applications make do with coarse traffic summaries. In this talk we will describe an approach we have developed to improve the fidelity of these traffic summaries by coordinating the monitoring performed by the network's routers, so as to achieve network-wide monitoring goals while respecting each router's processing constraints. We will also describe our use of traffic summaries to detect a variety of stealthy network abuses—e.g., file-sharing traffic masquerading on other application ports, "hit-list" scans and malware propagation, data exfiltration by spyware, and botnet command-and-control traffic—and even to identify the origin of epidemic malware spreads.