Open Access

Cisco Systems NetFlow Services Export Version 9

Benoit Claise
- Vol. 3954, pp 1-33
Abstract
This document specifies the data export format for version 9 of Cisco Systems' NetFlow services, for use by implementations on the network elements and/or matching collector programs. The version 9 export format uses templates to provide access to observations of IP packet flows in a flexible and extensible manner. A template defines a collection of fields, with corresponding descriptions of structure and semantics. This memo provides information for the Internet community.


Citations
Proceedings Article

Fine-grained traffic classification with netflow data

TL;DR: A behavioral algorithm which successfully exploits Netflow records for traffic classification is presented, representing a first step towards the use of Netflow data for fine-grained classification of network traffic.
Proceedings Article

IncApprox: A Data Analytics System for Incremental Approximate Computing

TL;DR: An online stratified sampling algorithm that uses self-adjusting computation to produce an incrementally updated approximate output with bounded error is designed and implemented in a data analytics system called IncApprox, which achieves the benefits of both incremental and approximate computing.
Book Chapter

On the Effectiveness of Traffic Analysis against Anonymity Networks Using Flow Records

TL;DR: This paper presents an active traffic analysis technique based on perturbing the characteristics of user traffic at the server side, and observing a similar perturbation at the client side through statistical correlation, and demonstrates the feasibility and effectiveness of traffic analysis attacks against Tor using NetFlow data.
Proceedings Article

Scaling Hardware Accelerated Network Monitoring to Concurrent and Dynamic Queries With *Flow.

TL;DR: This work introduces *Flow, a switch accelerated telemetry system for efficient, concurrent, and dynamic measurement, to carefully partition processing between switch ASICs and application software.
Journal Article

MLH-IDS: A Multi-Level Hybrid Intrusion Detection Method

TL;DR: A multi-level hybrid intrusion detection method that uses a combination of supervised, unsupervised and outlier-based methods for improving the efficiency of detection of new and old attacks is proposed.