Open Access
Cisco Systems NetFlow Services Export Version 9
Benoit Claise
- Vol. 3954, pp 1-33
TLDR
This document specifies the data export format for version 9 of Cisco Systems' NetFlow services, for use by implementations on the network elements and/or matching collector programs.
Abstract:
This document specifies the data export format for version 9 of Cisco
Systems' NetFlow services, for use by implementations on the
network elements and/or matching collector programs. The version 9
export format uses templates to provide access to observations of IP
packet flows in a flexible and extensible manner. A template defines a
collection of fields, with corresponding descriptions of structure and
semantics. This memo provides information for the Internet community.
Citations
Dissertation
Using NetFlow analysis to detect worm propagation
TL;DR: This thesis investigates whether it is feasible to detect worm propagation using NetFlow analysis, compares this method with a traditional signature-based detection system, Snort, when monitoring a polymorphic worm, and assesses whether NetFlow analysis is more robust than Snort.
Journal Article
Task Scheduling for Probabilistic In-Band Network Telemetry
TL;DR: In this paper, the authors propose an algorithm that efficiently schedules multiple parallel PINT tasks on a flow by allocating the flow's packets to the tasks, and show that the allocation is optimal.
Proceedings Article
A Feature Selection Technique for Network Intrusion Detection based on the Chaotic Crow Search Algorithm
Hussein Al-Zoubi, Samah Altaamneh +1 more
TL;DR: The proposed algorithm is more efficient in improving the performance of NIDS in terms of accuracy, detection rate, precision, F-score, specificity, and false alarm rate, outperforming state-of-the-art feature selection techniques recently proposed in the literature.
Proceedings Article
Combining wavelet analysis and CUSUM algorithm for network anomaly detection
TL;DR: The introduction of the wavelet analysis is proposed, which allows us to strongly reduce the false alarm rate of the “classical” methods, still retaining excellent performance in the detection of network anomalies.
High-Level Abstractions for Programming Network Policies
TL;DR: This dissertation proposes NetQRE, a high-level declarative language for programming quantitative network policies that require monitoring a stream of network packets. The language integrates regular-expression-like pattern matching at flow-level as well as application-level payloads with aggregation operations such as sum and average counts.