Open Access
Cisco Systems NetFlow Services Export Version 9
Benoit Claise
- Vol. 3954, pp 1-33
TLDR
This document specifies the data export format for version 9 of Cisco Systems' NetFlow services, for use by implementations on the network elements and/or matching collector programs.
Abstract:
This document specifies the data export format for version 9 of Cisco
Systems' NetFlow services, for use by implementations on the
network elements and/or matching collector programs. The version 9
export format uses templates to provide access to observations of IP
packet flows in a flexible and extensible manner. A template defines a
collection of fields, with corresponding descriptions of structure and
semantics. This memo provides information for the Internet community.
Citations
Proceedings Article
Flow signatures of popular applications
TL;DR: To find application signatures in network flow traces that can be used to pinpoint certain applications, such as specific web browsers, mail clients, or media players, the paper considers the hypothesis that popular applications generate application-specific flow signatures.
Journal Article
A rough set-based effective rule generation method for classification with an application in intrusion detection
TL;DR: This paper proposes a rough set-based approach to mine rules from inconsistent data, which computes the lower and upper approximations for each concept, and then builds concise classification rules for each concept satisfying required classification accuracy.
Proceedings Article
Enabling a "RISC" Approach for Software-Defined Monitoring using Universal Streaming
TL;DR: A case is made for a "RISC" approach for flow monitoring analogous to a reduced instruction set in computer architecture---a simple and generic monitoring primitive from which a range of metrics can be computed with high accuracy.
Proceedings Article
An automated bot detection system through honeypots for large-scale
TL;DR: A novel automated bot-infected machine detection system, BFH (BotFinder through Honeypots), based on BotFinder, identifies infected hosts in a real enterprise network using a learning approach that is able to detect infected hosts with a very low false-positive rate.
Proceedings Article
A collaborative approach to facilitate intrusion detection and response against DDoS attacks.
Saman Taghavi Zargar, James Joshi +1 more
TL;DR: This paper proposes an optimal assignment of disjoint flows to each of the routers within the ASs in such a way that all the flows destined for the same host will be sampled, analyzed, and properly responded to at the same router.