Flow Data at 10 GigE and Beyond: What Can (or Should) We Do?

Abstract

This report covers using flow data in a campus environment. In 2000, we started collecting NetFlow data from all of the core campus network devices using the OSU Flowtools package. By 2004, we were collecting NetFlow data down in the distribution and access layers of the campus network. Today, we still consider flow data to be a critical part of our anomaly detection systems. The goals are to protect the Laboratory computers from the Internet, protect the Internet from the Laboratory computers, and have visibility into "lateral movement" of compromised hosts.

Document Details

Document Type
Technical Report
Publication Date
Jan 12, 2010
Accession Number
AD1145760

Entities

People

  • Scott Pinkerton

Organizations

  • Argonne National Laboratory

Tags

DTIC Thesaurus Topics

  • Bandwidth
  • Buildings And Structures
  • Chemistry
  • Computer Network Security
  • Computers
  • Data Rate
  • Data Sets
  • Electron Microscopy
  • Electronic Mail
  • Engineering
  • Forensic Analysis
  • High Energy
  • Large Hadron Collider
  • Light Sources
  • Networks
  • Nuclear Physics
  • Particle Physics
  • Physics
  • Spine
  • Universities
  • Wireless Networks

Fields of Study

  • Computer science

Readers

  • Computer Science/Computer Engineering/Data Science/Digital Signal Processing.
  • Research Science/Academic Research