Open Access
Cisco Systems NetFlow Services Export Version 9
Benoit Claise
- Vol. 3954, pp 1-33
TLDR
This document specifies the data export format for version 9 of Cisco Systems' NetFlow services, for use by implementations on the network elements and/or matching collector programs.
Abstract:
This document specifies the data export format for version 9 of Cisco
Systems' NetFlow services, for use by implementations on the
network elements and/or matching collector programs. The version 9
export format uses templates to provide access to observations of IP
packet flows in a flexible and extensible manner. A template defines a
collection of fields, with corresponding descriptions of structure and
semantics. This memo provides information for the Internet community.
Citations
Proceedings Article
Detecting DGA malware using NetFlow
TL;DR: This work presents a novel technique for detecting malware using Domain Generation Algorithms (DGA), that is able to evaluate data from large scale networks without reverse engineering a binary or performing Non-Existent Domain (NXDomain) inspection.
Journal Article
Abacus: Accurate behavioral classification of P2P-TV traffic
TL;DR: It is shown that it is actually possible to reliably discriminate between different P2P-TV applications by simply counting packets, and this classification framework, which uses Support Vector Machines, accurately identifies P2P-TV traffic as well as traffic that is generated by other kinds of applications, so that the number of false classification events is negligible.
Proceedings Article
BurstRadar: Practical Real-time Microburst Monitoring for Datacenter Networks
TL;DR: It is shown that modern programmable switching ASICs have made it practical to detect and characterize microbursts at high line rates and BurstRadar, a prototype of which is implemented, incurs 10 times less data collection and processing overhead than existing solutions.
Proceedings Article
Revisiting the case for a minimalist approach for network flow monitoring
TL;DR: This paper revisits the case for a "minimalist" approach in which a small number of simple yet generic router primitives collect flow-level data from which different traffic metrics can be estimated and demonstrates the feasibility and promise of such a minimalist approach.
Proceedings Article
Real-time Analysis of Flow Data for Network Attack Detection
Gerhard Münz, Georg Carle +1 more
TL;DR: This work describes the necessary steps from the raw flow data to the detection result in a systematic way and presents TOPAS, a system and framework for real-time analysis of flow data, that has been developed in order to meet requirements.