Compressing large amounts of netflow data using a pattern classification scheme

Cornelisse, Rémon; Bargh, M.S.; Choenni, R.; Moolenaar, Debora E. G.; Zeeuw, Luc V. de

Samenvatting

The storage of large amounts of network data is a challenging problem, in particular if it still needs to be actively consulted as for example in the case of network forensics. Here we propose a method to compress NetFlow data while simultaneously adding domain knowledge. Our method is based on a pattern classification scheme by considering all flows from a single source IP address simultaneously. Each pattern can be described by at most 19 attributes that give a good statistical description of the original NetFlow data, while minimising information loss. We estimate that on average a factor of about 300 in storage space can be gained. The process is explained using a real world dataset from a large, high-speed, network, and a formal rationale is provided.

Trefwoorden

data compression pattern classification

Thema

ICT & Media

Organisatie	Hogeschool Rotterdam
Lectoraat	Kenniscentrum Creating 010

Gepubliceerd in	2016 IEEE 2nd International Conference on Big Data Security on Cloud (BigDataSecurity), IEEE International Conference on High Performance and Smart Computing (HPSC), and IEEE International Conference on Intelligent Data and Security (IDS) IEEE, New York, Pagina's: 364-370
Datum	2016-04-10
Type	Artikel
DOI	10.1109/BigDataSecurity-HPSC-IDS.2016.69
Taal	Engels

Compressing large amounts of netflow data using a pattern classification scheme

Compressing large amounts of netflow data using a pattern classification scheme

Samenvatting

Misschien ook interessant voor jou?

A Typical Case of Recommending the Use of a Hierarchical Data Format

Automatic Detection of Discursive Patterns in Dutch Social Media

Learning a sparse representation from multiple still images for on-line face recognition in an unconstrained environment