Network Traffic Flow Analysis

Author

De Montigny-Leboeuf, A. ; Symchych, Tim

Author_Institution

Commun. Res. Centre, Ottawa, Ont.

fYear

2006

fDate

38838

Firstpage

639

Lastpage

642

Abstract

Thousands of diverse applications and services flow daily over networks used by governments, industry, and private users. Attacks can be hidden within these information flows by disguising malicious network traffic to appear to be legitimate. Generally, TCP or UDP based protocols can be mapped to specific network services. However, intruders do hide unauthorized activity by using non-standard protocols or standard protocols in non-standard ways to avoid detection. This paper describes current work and future directions that the Network Security Research Group at the Communication Research Centre (CRC) would take to identify flows of information that disguise attacks. Research challenges include uncovering unauthorized activities in high-speed, high-volume network links and within protocols that are intended to obscure the details of the information carried

Keywords

computer networks; security of data; telecommunication links; telecommunication security; telecommunication traffic; transport protocols; TCP; UDP; malicious network traffic flow analysis; network security; protocols; Access protocols; Communication industry; Cyclic redundancy check; Government; Information security; Intrusion detection; Monitoring; Payloads; TCPIP; Telecommunication traffic; network security; traffic classification; traffic flow analysis;

fLanguage

English

Publisher

ieee

Conference_Titel

Electrical and Computer Engineering, 2006. CCECE '06. Canadian Conference on

Conference_Location

Ottawa, Ont.

Print_ISBN

1-4244-0038-4

Electronic_ISBN

1-4244-0038-4

Type

conf

DOI

10.1109/CCECE.2006.277589

Filename

4054627