Employing the CEP Paradigm for Network Analysis and Surveillance

Gad, Ruediger; Kappes, Martin; Boubeta-Puig, Juan; Medina-Bulo, Inmaculada

Home // AICT 2013, The Ninth Advanced International Conference on Telecommunications // View article

Employing the CEP Paradigm for Network Analysis and Surveillance

Authors:
Ruediger Gad
Martin Kappes
Juan Boubeta-Puig
Inmaculada Medina-Bulo

Keywords: CEP; network analysis; network surveillance.

Abstract:
In this paper, we present a network analysis and surveillance system based on the Complex Event Processing (CEP) paradigm. We demonstrate how complex event hierarchies based on single packets can be leveraged for detecting attacks such as, e.g., SYN Flooding, and present experimental performance results indicating that current CEP implementations running on consumer class computers are well capable of analyzing network traffic volumes with such patterns in the Gigabit range, rendering our approach applicable for enterprise network monitoring.

Pages: 204 to 210

Copyright: Copyright (c) IARIA, 2013

Publication date: June 23, 2013

Published in: conference

ISSN: 2308-4030

ISBN: 978-1-61208-279-0

Location: Rome, Italy

Dates: from June 23, 2013 to June 28, 2013