Telemetry System Ideas

• Previous message (by thread): Contacts at Three.co.uk
• Next message (by thread): Contact at DALnet?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I am a researcher working on developing a new on-the-fly telemetry 
system that potentially takes a flow chart as input to describe a 
particular detection task (rather than just features or information 
elements as in IPFIX). For an example of what I mean by "flow chart" see 
the figure here: 
https://ieeexplore.ieee.org/mediastore_new/IEEE/content/media/8048782/8048856/8048939/8048939-fig-4-source-hires.gif.

Might anyone have pointers to a source of more such flow charts?

The other issue I'm worried about is that it might take a couple rounds 
before an event is detected (since the system has to step through the 
flow chart and possibly look at different traffic features in the 
process). What is a typical duration of the types of events people might 
want to catch with a telemetry system like this? Do these kind of events 
generate the same type of traffic throughout their durations, or do 
traffic features change as the event progresses?

Thanks!

Chris

• Previous message (by thread): Contacts at Three.co.uk
• Next message (by thread): Contact at DALnet?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]