Research Article

Usage of Netflow in Security and Monitoring of Computer Networks

by Shivam Choudhary, Bhargav Srinivasan
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 68 - Number 24
Year of Publication: 2013
Authors: Shivam Choudhary, Bhargav Srinivasan
10.5120/11727-7362

Shivam Choudhary, Bhargav Srinivasan. Usage of Netflow in Security and Monitoring of Computer Networks. International Journal of Computer Applications. 68, 24 (April 2013), 17-24. DOI=10.5120/11727-7362

@article{ 10.5120/11727-7362,
author = { Shivam Choudhary, Bhargav Srinivasan },
title = { Usage of Netflow in Security and Monitoring of Computer Networks },
journal = { International Journal of Computer Applications },
issue_date = { April 2013 },
volume = { 68 },
number = { 24 },
month = { April },
year = { 2013 },
issn = { 0975-8887 },
pages = { 17-24 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume68/number24/11727-7362/ },
doi = { 10.5120/11727-7362 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:28:47.416884+05:30
%A Shivam Choudhary
%A Bhargav Srinivasan
%T Usage of Netflow in Security and Monitoring of Computer Networks
%J International Journal of Computer Applications
%@ 0975-8887
%V 68
%N 24
%P 17-24
%D 2013
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Management of a network is a challenging task without accurate traffic statistics. This paper presents the security benefits of implementing a Netflow [1] based analysis system and then proposes a novel open source application useful in Netflow analysis and management of flow records. Netflow data provides important information about network conversations and behavior. Netflow statistics are generated by Cisco and Juniper routers and switches, as well as by server software Netflow probes. Netflow data provides enough information to serve the needs of several different applications such as billing, network planning and, most importantly, traffic engineering, which we specifically analyze to assess the state of the network. The flow records are UDP packets lacking payload data, yet they still provide enough data to the network administrator to be a valuable analysis tool. Netflow profiling is a good middle ground that strikes a balance between detail and summary and provides a real-time analysis of traffic flows, connection information and abnormal network behavior. Netflow data on the router is sampled at a variable rate that satisfies the conditions set for monitoring the incoming traffic, and is then compared periodically, by examining the packet sequences, to test whether an incoming sequence is a DoS or a possible threat to the network. In this paper the performance of a network is gauged using a parameter called unexpectedness [2], which is a method of gauging the amount of traffic flowing through a network.

References
  1. Vojtech Krmicek. GEANT3 JRA2 T4 Internal Deliverable. "Inspecting DNS Flow Trace for Purposes of Botnet Detection port scanning." 2011. Paper
  2. Decoding Kobayashi, Atsushi. "CPAN RT." Net::Flow. Cpan.org, 2008. Web. 15 Dec. 2012. Brown, L. D., Hua, H., and Gao, C. 2003.
  3. William Stallings, SNMP, SNMPv2, SNMPv3 and RMON 1 and 2, 1999.
Index Terms

Computer Science
Information Sciences

Keywords

Netflow Cisco Packet Tracer GNS3 Virtual Box Virtual Router Unexpectedness Decoding Netflow Packets