A modular multi-location anonymized traffic monitoring tool for a WiFi network

CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy Pub Date : 2014-03-03 DOI:10.1145/2557547.2557580

Justin Hummel, Andrew W. E. McDonald, Vatsal Shah, Riju Singh, Bradford D. Boyle, Tingshan Huang, Nagarajan Kandasamy, H. Sethu, S. Weber

引用次数: 0

Abstract

Network traffic anomaly detection is now considered a surer approach to early detection of malware than signature-based approaches and is best accomplished with traffic data collected from multiple locations. Existing open-source tools are primarily signature-based, or do not facilitate integration of traffic data from multiple locations for real-time analysis, or are insufficiently modular for incorporation of newly proposed approaches to anomaly detection. In this paper, we describe DataMap, a new modular open-source tool for the collection and real-time analysis of sampled, anonymized, and filtered traffic data from multiple WiFi locations in a network and an example of its use in anomaly detection.

查看原文本刊更多论文

一个模块化的多位置匿名流量监控工具，用于WiFi网络

网络流量异常检测现在被认为是比基于签名的方法更可靠的早期检测恶意软件的方法，并且最好使用从多个位置收集的流量数据来完成。现有的开源工具主要是基于签名的，或者不能促进来自多个位置的流量数据的集成以进行实时分析，或者在整合新提出的异常检测方法方面不够模块化。在本文中，我们描述了DataMap，一个新的模块化开源工具，用于收集和实时分析来自网络中多个WiFi位置的采样、匿名和过滤流量数据，并举例说明了它在异常检测中的应用。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

CODASPY : proceedings of the ... ACM conference on data and application security and privacy. ACM Conference on Data and Application Security & Privacy

自引率

0.00%

发文量