An approximate framework for flexible network flow screening

Daniel John Lawson, Niall M Adams

Research output: Contribution to conference; Conference Paper; peer-review

Abstract

Network security analysts presently lack tools for routinely screening large collections of network traffic for structures of interest. This is particularly the case when the structures of interest are embodied as summaries of sets of related traffic, essentially behaviour descriptions. This paper sketches a methodology to provide such capability, in the context of flow data. The methodology generates approximate search results, and uses a modular construction to provide the capability to tailor queries for multiple views of the behaviour structure of interest. At core, the methodology involves approximate sequential search procedures. The methodology is framed by a discussion of a large university network.
Original language: English
Publication status: Published - 26 Sep 2014

Keywords

  • Big Data
  • Cyber Security
