Rapid prototyping of flow-based detection methods using complex event processing
2018
NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium
Detection of network attacks is the first step to network security. Many different methods for attack detection were proposed in the past. However, descriptions of these methods are often not complete and it is difficult to verify that the actual implementation matches the description. In this demo paper, we propose to use Complex Event Processing (CEP) for developing detection methods based on network flows. By writing the detection methods in an Event Processing Language (EPL), we can address
doi:10.1109/noms.2018.8406121
dblp:conf/noms/VelanHT18
fatcat:wiymqdjbybdkdexzupkszry7um