• DocumentCode
    2696239
  • Title

    An architecture for scalable network defense

  • Author

    Strayer, Tim ; Milliken, Walter ; Watro, Ronald ; Heimerdinger, Walt ; Harp, Steve ; Goldman, Robert P. ; Spicuzza, Dustin ; Schwartz, Beverly ; Mankins, David ; Kong, Derrick ; Zatko, Peiter Mudge

  • fYear
    2009
  • fDate
    20-23 Oct. 2009
  • Firstpage
    368
  • Lastpage
    371
  • Abstract
    We describe a novel architecture for network defense designed for scaling to very high data rates (100 Gb/s) and very large user populations. Scaling requires both efficient attack detection algorithms and an appropriate execution environment. Our architecture considers the time budget of traffic data extraction and algorithmic processing, provides a suite of detection algorithms - each designed to present different and complementary views of the data - that generate many "traffic events," and reduces false positives by correlating these traffic events into benign or malicious hypotheses.
  • Keywords
    computer architecture; computer network security; telecommunication traffic; algorithmic processing; efficient attack detection algorithms; scalable network defense architecture; traffic data extraction; Bandwidth; Computer architecture; Computer networks; Data mining; Detection algorithms; Event detection; Feature extraction; Monitoring; Scalability; Telecommunication traffic;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Local Computer Networks, 2009. LCN 2009. IEEE 34th Conference on
  • Conference_Location
    Zurich
  • Print_ISBN
    978-1-4244-4488-5
  • Electronic_ISBN
    978-1-4244-4487-8
  • Type

    conf

  • DOI
    10.1109/LCN.2009.5355116
  • Filename
    5355116