On-demand view materialization and indexing for network forensic analysis
作者: Tanya Bragin , Roxana Geambasu , Magdalena Balazinska , Jaeyeon Jung
DOI:
关键词:
摘要: Today, network intrusion detection systems (NIDSs) use custom solutions to log historical flows and support forensic analysis by administrators. These are expensive, inefficient, lack flexibility. In this paper, we investigate database for interactive analysis. We show that an "out-of-the-box" relational management system (RDBMS) can moderate flow rates in a manner ensures high query performance. To enable significantly higher data rates, propose technique based on on-demand view materialization indexing. our approach, when event occurs, the proactively extracts relevant indexes it preparation queries over data. approach improves response times large class of queries, while maintaining insert throughput.
poly.edu参考文章(16)
Sirish Chandrasekaran, Michael J. Franklin, Query processing over live and archived data streams University of California at Berkeley. ,(2005)
Vern Paxson, Bro: a system for detecting network intruders in real-time Computer Networks. ,vol. 31, pp. 2435- 2463 ,(1999) , 10.1016/S1389-1286(99)00112-7
Jennifer Widom, Gurmeet Singh Manku, Chris Olston, Rajeev Motwani, Mayur Datar, Brian Babcock, Justin Rosenstein, Shivnath Babu, Arvind Arasu, Rohit Varma, Query Processing, Approximation, and Resource Management in a Data Stream Management System. conference on innovative data systems research. ,(2003)
Martin Roesch, Snort - Lightweight Intrusion Detection for Networks usenix large installation systems administration conference. pp. 229- 238 ,(1999)
J. Shim, P. Scheuermann, R. Vingralek, Dynamic caching of query results for decision support systems statistical and scientific database management. pp. 254- 263 ,(1999) , 10.1109/SSDM.1999.787641
M. Stonebraker, The case for partial indexes international conference on management of data. ,vol. 18, pp. 4- 11 ,(1989) , 10.1145/74120.74121
Surajit Chaudhuri, Umeshwar Dayal, An overview of data warehousing and OLAP technology international conference on management of data. ,vol. 26, pp. 65- 74 ,(1997) , 10.1145/248603.248616
Anurag S. Maskey, Nesime Tatbul, Wolfgang Lindner, Esther Ryvkina, Alexander Rasin, Mitch Cherniack, Stan Zdonik, Ying Xing, Daniel J. Abadi, Magdalena Balazinska, Yanif Ahmad, Jeong-Hyon Hwang, The Design of the Borealis Stream Processing Engine conference on innovative data systems research. pp. 277- 289 ,(2005)
Richard Mortier, Dushyanth Narayanan, Austin Donnelly, Antony Rowstron, Delay aware querying with seaweed very large data bases. ,vol. 17, pp. 315- 331 ,(2006) , 10.5555/1182635.1164190
P. Seshadri, A. Swami, Generalized partial indexes international conference on data engineering. pp. 420- 427 ,(1995) , 10.1109/ICDE.1995.380355