Three statistical approaches to sessionizing network flow data

Patrick T G Rubin-Delanchy, Daniel John Lawson, Melissa J. Turcotte, Nicholas A Heard, Niall M Adams

Research output: Contribution to conferenceConference Paper

2 Citations (Scopus)
317 Downloads (Pure)

Abstract

The network traffic generated by a computer, or a pair of computers, is often well modelled as a series of sessions. These are, roughly speaking, intervals of time during which a computer is engaging in the same, continued, activity. This article explores a variety of statistical approaches to re-discovering sessions from network flow data using timing alone. Solutions to this problem are essential for network monitoring and cyber-security. For example overlapping sessions on a computer network can be evidence of an intruder 'tunnelling'.
Original languageEnglish
Pages244-247
Number of pages4
DOIs
Publication statusPublished - 26 Sep 2014
EventIntelligence and Security Informatics Conference (JISIC), 2014 IEEE Joint - The Hague, Netherlands
Duration: 24 Sep 201426 Sep 2014

Conference

ConferenceIntelligence and Security Informatics Conference (JISIC), 2014 IEEE Joint
CountryNetherlands
CityThe Hague
Period24/09/1426/09/14

Bibliographical note

Print ISBN: 978-1-4799-6363-8

Keywords

  • Big Data
  • Cyber Security

Fingerprint Dive into the research topics of 'Three statistical approaches to sessionizing network flow data'. Together they form a unique fingerprint.

Cite this