Behavioral analysis of network flow traffic
| dc.contributor.author | Heller, Mark D. | |
| dc.contributor.corporate | Naval Postgraduate School (U.S.) | |
| dc.contributor.department | Information Warfare Systems Engineering | |
| dc.contributor.department | Computer Science (CS) | |
| dc.contributor.secondreader | Xie, Geoffrey G. | |
| dc.contributor.secondreader | Gibson, John | |
| dc.contributor.secondreader | Collins, Michael | |
| dc.contributor.secondreader | Buettner, Raymond | |
| dc.date.accessioned | 2012-03-14T17:44:12Z | |
| dc.date.available | 2012-03-14T17:44:12Z | |
| dc.date.issued | 2010-09 | |
| dc.description.abstract | Network Behavior Analysis (NBA) is a technique to enhance network security by passively monitoring aggregate traffic patterns and noting unusual action or departures from normal operations. The analysis is typically performed offline, due to the huge volume of input data, in contrast to conventional intrusion prevention solutions based on deep packet inspection, signature detection, and real-time blocking. After establishing a benchmark for normal traffic, an NBA program monitors network activity and flags unknown, new, or unusual patterns that might indicate the presence of a potential threat. NBA also monitors and records trends in bandwidth and protocol use. Computer users in the Department of Defense (DoD) operational networks may use Hypertext Transport Protocol (HTTP) to stream video from multimedia sites like youtube.com, myspace.com, mtv.com, and blackplanet.com. Such streaming may hog bandwidth, a grave concern, given that increasing amounts of operational data are exchanged over the Global Information Grid, and introduce malicious viruses inadvertently. This thesis develops an NBA solution to identify and estimate the bandwidth usage of HTTP streaming video traffic entirely from flow records such as Cisco's NetFlow data. | en_US |
| dc.description.distributionstatement | Approved for public release; distribution is unlimited. | |
| dc.description.service | US Navy (USN) author | en_US |
| dc.description.uri | http://archive.org/details/behavioralnalysi109455108 | |
| dc.format.extent | xvi, 77 p. ; | en_US |
| dc.identifier.oclc | 689051535 | |
| dc.identifier.uri | https://hdl.handle.net/10945/5108 | |
| dc.publisher | Monterey, California. Naval Postgraduate School | en_US |
| dc.rights | This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States. | en_US |
| dc.subject.lcsh | Computer science | en_US |
| dc.subject.lcsh | Behavioral assessment | en_US |
| dc.title | Behavioral analysis of network flow traffic | en_US |
| dc.type | Thesis | en_US |
| dspace.entity.type | Publication | |
| etd.thesisdegree.discipline | Computer Science and M.S. in Information Warfare Systems Engineering | en_US |
| etd.thesisdegree.grantor | Naval Postgraduate School | en_US |
| etd.thesisdegree.level | Masters | en_US |
| etd.thesisdegree.name | M.S. | en_US |
| etd.verified | no | en_US |
