| Presentation | 2015-11-12 Enhancing performance of cardinality analysis for faster network Shinichi Mori, Akira Sato, Kenichi Yoshida, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Cardinality in network flow data gives useful information for network administrators about suspicious communication on their network. Such communication tends to present abnormal number of source and/or destination network address. Our research group reported that cardinality presented in TCP/IP packet header can be used to detect malware propagation and P2P software usage in small size network. However the processing speed of the analyzer is not enough to analyze high speed network line over 20Gbps. In this paper, we propose a technique to offload the analyzer by packet filtering based on the TCP flags. We also report the performance and the limitation of the proposed technique. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | CardinalityNetwork monitoringThreat detection |
| Paper # | IA2015-52 |
| Date of Issue | 2015-11-05 (IA) |
| Conference Information | |
| Committee | IA |
|---|---|
| Conference Date | 2015/11/12(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | NARITA VIEW HOTEL |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | IA2015 - Workshop on Internet Architecture and Applications 2015, Co-hosted with ITRC meet38 as Asia Internet Technology Joint Symposium |
| Chair | Ken-ichi Yoshida(Univ. of Tsukuba) |
| Vice Chair | Hiroyuki Osaki(Kwansei Gakuin Univ.) / Masahiro Jibiki(NICT) / Yutaka Nakamura(Kyushu Inst. of Tech.) |
| Secretary | Hiroyuki Osaki(Tokyo Inst. of Tech.) / Masahiro Jibiki(Osaka Univ.) / Yutaka Nakamura |
| Assistant | Yuichiro Hei(KDDI R&D Labs.) / Hiroshi Yamamoto(Ritsumeikan Univ.) / Toshiki Watanabe(NEC) |
| Paper Information | |
| Registration To | Technical Committee on Internet Architecture |
|---|---|
| Language | ENG |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Enhancing performance of cardinality analysis for faster network |
| Sub Title (in English) | |
| Keyword(1) | CardinalityNetwork monitoringThreat detection |
| 1st Author's Name | Shinichi Mori |
| 1st Author's Affiliation | University of Tsukuba(Univ. of Tsukuba) |
| 2nd Author's Name | Akira Sato |
| 2nd Author's Affiliation | University of Tsukuba(Univ. of Tsukuba) |
| 3rd Author's Name | Kenichi Yoshida |
| 3rd Author's Affiliation | University of Tsukuba(Univ. of Tsukuba) |
| Date | 2015-11-12 |
| Paper # | IA2015-52 |
| Volume (vol) | vol.115 |
| Number (no) | IA-307 |
| Page | pp.pp.81-85(IA), |
| #Pages | 5 |
| Date of Issue | 2015-11-05 (IA) |