% Conference paper in the IEEE ISI 2015 proceedings (see booktitle and note).
% Per the abstract: packets are aggregated into network flows, and the flows
% are correlated with security events from payload-based IDSs for attack detection.
% NOTE(review): `series` holds the long form of the proceedings title rather
% than a series name, and the conference dates sit in `note`; both are kept
% exactly as exported -- confirm against the publisher record before normalising.
% NOTE(review): year/month/day (23 Jul 2015) presumably give the publication
% date, not the event dates listed in `note` -- verify.
@inproceedings{fdb0c912d6254e9082ff581c30a563c1,
  author    = {Ding, Tao and Aleroud, Ahmed and Karabatis, George},
  title     = {Multi-granular aggregation of network flows for security analysis},
  editor    = {Zhou, Lina and Wang, {G. Alan} and Mao, Wenji and Kaati, Lisa},
  booktitle = {2015 IEEE International Conference on Intelligence and Security Informatics},
  series    = {2015 IEEE International Conference on Intelligence and Security Informatics: Securing the World through an Alignment of Technology, Intelligence, Humans and Organizations, ISI 2015},
  publisher = {Institute of Electrical and Electronics Engineers Inc.},
  pages     = {173--175},
  year      = {2015},
  month     = jul,
  day       = {23},
  doi       = {10.1109/ISI.2015.7165965},
  language  = {English (US)},
  keywords  = {Flow aggregation, Intrusion Detection, NetFlow, traffic classification},
  abstract  = {Investigating network flows is an approach of detecting attacks by identifying known patterns. Flow statistics are used to discover anomalies by aggregating network traces and then using machine-learning classifiers to discover suspicious activities. However, the efficiency and effectiveness of the flow classification models depends on the granularity of aggregation. This paper describes a novel approach that aggregates packets into network flows and correlates them with security events generated by payload-based IDSs for detection of cyber-attacks.},
  note      = {Publisher Copyright: {\textcopyright} 2015 IEEE.; 13th IEEE International Conference on Intelligence and Security Informatics, ISI 2015 ; Conference date: 27-05-2015 Through 29-05-2015},
}