High-Precision-And-Recall Network Anomaly Detection using Continuous Stream Processing

Some advanced strategies for building effective and reliable Network Behavior Analysis systems

Abstract:

The cybercrime risks faced by enterprises have multiplied in recent times. There has been a clear shift from hacking for fame and thrill to a focus on data theft, identity forgery and extortion attacks, as well as on controlling a large pool of internet resources to achieve those ends. The continuous evolution of intrusion techniques has made network security increasingly difficult to ensure, even as it has become all the more critical.

This paper discusses the three critical dimensions of network security currently available, namely (i) Firewall, (ii) IDS / IPS and (iii) NBA / NBAD, along with their strengths and drawbacks. The first two are prevalent in the industry, whereas the third is not. This paper challenges the existing industry perception of NBA / NBAD systems and explains ways of rectifying various drawbacks of present-day NBA systems using new techniques. It also discusses the NetFlow Analyzer's Advanced Security Analytics Module (ASAM), which helps detect and classify zero-day network intrusions in real time, using the state-of-the-art Continuous Stream Mining Engine™ technology.
