FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W852649259> ?p ?o ?g. }

• W852649259 abstract "With the recent increases in bandwidth available to home users, traffic rates forcommercial national networks have also been increasing rapidly. This presentsa problem for any network monitoring tool as the traffic rate they are expectedto monitor is rising on a monthly basis. Security within these networks is para-mount as they are now an accepted home of trade and commerce. Core networkshave been demonstrably and repeatedly open to attack; these events have hadsignificant material costs to high profile targets.Network monitoring is an important part of network security, providing in-formation about potential security breaches and in understanding their impact.Monitoring at high data rates is a significant problem; both in terms of processingthe information at line rates, and in terms of presenting the relevant informationto the appropriate persons or systems.This thesis suggests that the use of summary statistics, gathered over a num-ber of packets, is a sensible and effective way of coping with high data rates. Amethodology for discovering which metrics are appropriate for classifying signi-ficant network events using statistical summaries is presented. It is shown thatthe statistical measures found with this methodology can be used effectively asa metric for defining periods of significant anomaly, and further classifying theseanomalies as legitimate or otherwise. In a laboratory environment, these metricswere used to detect DoS traffic representing as little as 0.1% of the overall networktraffic.The metrics discovered were then analysed to demonstrate that they are ap-propriate and rational metrics for the detection of network level anomalies. Thesemetrics were shown to have distinctive characteristics during DoS by the analysisof live network observations taken during DoS events.This work was implemented and operated within a live system, at multiplesites within the core of a commercial ISP network. The statistical summariesare generated at city based points of presence and gathered centrally to allow forspacial and topological correlation of security events.The architecture chosen was shown to be exible in its application. The systemwas used to detect the level of VoIP traffic present on the network through theimplementation of packet size distribution analysis in a multi-gigabit environment.It was also used to detect unsolicited SMTP generators injecting messages intothe core.iiMonitoring in a commercial network environment is subject to data protec-tion legislation. Accordingly the system presented processed only network andtransport layer headers, all other data being discarded at the capture interface.The system described in this thesis was operational for a period of 6 months,during which a set of over 140 network anomalies, both malicious and benign wereobserved over a range of localities. The system design, example anomalies andmetric analysis form the majority of this thesis." @default.
• W852649259 created "2016-06-24" @default.
• W852649259 creator A5001382010 @default.
• W852649259 date "2012-01-01" @default.
• W852649259 modified "2023-09-25" @default.
• W852649259 title "Inferring malicious network events in commercial ISP networks using traffic summarisation" @default.
• W852649259 hasPublicationYear "2012" @default.
• W852649259 type Work @default.
• W852649259 sameAs 852649259 @default.
• W852649259 citedByCount "0" @default.
• W852649259 crossrefType "dissertation" @default.
• W852649259 hasAuthorship W852649259A5001382010 @default.
• W852649259 hasConcept C124101348 @default.
• W852649259 hasConcept C127413603 @default.
• W852649259 hasConcept C158379750 @default.
• W852649259 hasConcept C176217482 @default.
• W852649259 hasConcept C182590292 @default.
• W852649259 hasConcept C21547014 @default.
• W852649259 hasConcept C2522767166 @default.
• W852649259 hasConcept C31258907 @default.
• W852649259 hasConcept C38652104 @default.
• W852649259 hasConcept C41008148 @default.
• W852649259 hasConcept C739882 @default.
• W852649259 hasConcept C81877898 @default.
• W852649259 hasConceptScore W852649259C124101348 @default.
• W852649259 hasConceptScore W852649259C127413603 @default.
• W852649259 hasConceptScore W852649259C158379750 @default.
• W852649259 hasConceptScore W852649259C176217482 @default.
• W852649259 hasConceptScore W852649259C182590292 @default.
• W852649259 hasConceptScore W852649259C21547014 @default.
• W852649259 hasConceptScore W852649259C2522767166 @default.
• W852649259 hasConceptScore W852649259C31258907 @default.
• W852649259 hasConceptScore W852649259C38652104 @default.
• W852649259 hasConceptScore W852649259C41008148 @default.
• W852649259 hasConceptScore W852649259C739882 @default.
• W852649259 hasConceptScore W852649259C81877898 @default.
• W852649259 hasLocation W8526492591 @default.
• W852649259 hasOpenAccess W852649259 @default.
• W852649259 hasPrimaryLocation W8526492591 @default.
• W852649259 hasRelatedWork W132571952 @default.
• W852649259 hasRelatedWork W1485150412 @default.
• W852649259 hasRelatedWork W151092758 @default.
• W852649259 hasRelatedWork W1557029157 @default.
• W852649259 hasRelatedWork W1988182815 @default.
• W852649259 hasRelatedWork W2066313328 @default.
• W852649259 hasRelatedWork W2081675971 @default.
• W852649259 hasRelatedWork W2098366185 @default.
• W852649259 hasRelatedWork W2143670853 @default.
• W852649259 hasRelatedWork W2153517517 @default.
• W852649259 hasRelatedWork W2173817446 @default.
• W852649259 hasRelatedWork W2223979599 @default.
• W852649259 hasRelatedWork W2341381956 @default.
• W852649259 hasRelatedWork W2408790947 @default.
• W852649259 hasRelatedWork W2481434706 @default.
• W852649259 hasRelatedWork W2886345304 @default.
• W852649259 hasRelatedWork W2965047003 @default.
• W852649259 hasRelatedWork W611740059 @default.
• W852649259 hasRelatedWork W2134170544 @default.
• W852649259 hasRelatedWork W2960336015 @default.
• W852649259 isParatext "false" @default.
• W852649259 isRetracted "false" @default.
• W852649259 magId "852649259" @default.
• W852649259 workType "dissertation" @default.