A Survey on Network Security Monitoring Systems

Network monitoring is a difficult and demanding task that is a vital part of a network administrator's job. Network administrators constantly strive to keep their networks running smoothly. If a network goes down even for a short period, productivity within a company declines, and in the case of public service departments the ability to provide essential services is compromised. There are several approaches to network security monitoring. This paper provides readers with a critical review of the prominent implementations of the current network monitoring approaches.
