Scalable Network Forensics

@inproceedings{Vallentin2016ScalableNF,
  title={Scalable Network Forensics},
  author={Matthias Vallentin},
  year={2016}
}
Author(s): Vallentin, Matthias | Advisor(s): Paxson, Vern | Abstract: Network forensics and incident response play a vital role in site operations, but for large networks can pose daunting difficulties to cope with the ever-growing volume of activity and resulting logs. On the one hand, logging sources can generate tens of thousands of events per second, which a system supporting comprehensive forensics must somehow continually ingest. On the other hand, operators greatly benefit from…

References

Publications referenced by this paper (170 references in total).

Bro: A System for Detecting Network Intruders in Real-Time

  • USENIX Security Symposium
  • 1998
HIGHLY INFLUENTIAL

Toward Efficient Querying of Compressed Network Payloads

  • USENIX Annual Technical Conference
  • 2012
HIGHLY INFLUENTIAL

Bitmap Index Design and Evaluation

  • SIGMOD Conference
  • 1998
HIGHLY INFLUENTIAL

Communicating Sequential Processes

C. A. R. Hoare
  • Commun. ACM
  • 1978
HIGHLY INFLUENTIAL

Druid: a real-time analytical data store

  • SIGMOD Conference
  • 2014
HIGHLY INFLUENTIAL