 |
|
||||||||||
Daniela Brauckhoff
ETH Zürich
Daniela Brauckhoff
Inst.f.Techn.Informatik u.Kommunik.Netze
ETZ G 97
Gloriastrasse 35
8092 Zürich
Phone: +41 44 632 70 50
E-Mail:
Research Interests
- Network Security: Anomaly detection methods, effect of sampling on anomaly detection
- Measurements: Netflow measurements in backbone networks
- Anonymization: Anonymization and Privacy Issues with Netflow Data
FLAME Software
- FLAME is a collection of tools developed by CSG/ETHZ to facilitate the modification of flow traces (e.g., in Netflow version 5 format).
Flame consists of a suite of tools which read and write flow traces, delete flows from traces, and generate new flows to merge into flow traces. - FLAME v1.0 is published under GPLv2 and modified BSD license. You can request it by email from me.
- If you are a student and interested in extending FLAME in a thesis project or otherwise, feel free to contact me.
Publications
- Daniela Brauckhoff, Xenofontas Dimitropoulos, Arno Wagner, Kavé Salamatian
Anomaly Extraction in Backbone Networks Using Association Rules
IMC'09: Internet Measurement Conference, Chicago, IL, USA, Nov, 2009.
[BDWS2009] - Daniela Brauckhoff, Kave Salamatian, Martin May
Applying PCA for Traffic Anomaly Detection: Problems and Solutions
IEEE INFOCOM 2009, Mini-Conference, Rio de Janeiro, Brazil, Mai, 2009.
[BSM2009] - Martin Burkhart, Daniela Brauckhoff, Martin May
On the Utility of Anonymized Flow Traces for Anomaly Detection
19th ITC Specialist Seminar on Network Usage and Traffic (ITC SS 19), Berlin, Germany, October, 2008. [BBM2008] - Martin Burkhart, Daniela Brauckhoff, Martin May, Elisa Boschi:
The Risk-Utility Trade-off for IP Address Truncation
ACM CCS, NDA Workshop, Alexandria, VA, USA, October, 2008. [BBMB2008] - Daniela Brauckhoff, Arno Wagner, Martin May:
Flame: A Flow-level Anomaly Modeling Engine
Usenix Security, CSET Workshop, San Jose, CA, USA, July 2008. [BWM2008] - Bernhard Tellenbach, Daniela Brauckhoff, and Martin May
Impact of Traffic Mix and Packet Sampling on Anomaly Visibility
IEEE ICIMP, Bucharest, Romania, June 2008, best paper award [TBM2008] - Daniela Brauckhoff, Martin May, Bernhard Plattner:
Comparison of Anomaly Signal Quality in Common Detection Metrics
ACM SIGMETRICS 2007, MineNet Workshop, San Diego, CA, USA, June, 2007. [BMP2007a] - Daniela Brauckhoff, Martin May, Bernhard Plattner:
Flow-Level Anomaly Detection - Blessing or Curse?
IEEE INFOCOM 2007, Student Workshop, Anchorage, Alaska, USA, May, 2007. [BMP2007] - Daniela Brauckhoff, Bernhard Tellenbach, Arno Wagner, Anukool Lakhina, Martin May:
Impact of Packet Sampling on Anomaly Detection Metrics
ACM Internet Measurement Conference 2006, IMC 2006, Rio de Janeiro, Brazil, October, 2006. [BTWLM06] - Daniela Brauckhoff, Ulrich Fiedler, Bernhard Plattner:
Towards Systematically Evaluating Flow-level Anomaly Detection Mechanisms
Workshop on Monitoring, Attack Detection and Mitigation (MonAM 2006), Tübingen, Germany, September, 2006. [BFP06] - Daniela Brauckhoff, Matthias Bossardt, Bernhard Plattner:
Automated Pattern-Based Service Deployment in Programmable Networks
Journal of Network and Systems Management: Special Issue on Management of Active and Programmable Networks, Springer Verlag, Vol. 14, No. 1, March, 2006. [BBP05]
Completed Student Theses
- Extending FLAME: A framework for Anomaly Injection, [Evelyn Leuenberger], Report
- FLAME: A Flow-level Anomaly Modeling Engine, [Dominik Übersax], Report
- Analysis and Modeling of Internet Epidemics, [Jonathan Gysel], Report
- Localization of Known Anomaly Types in NetFlow Traces, [Niklaus Frey], Report
- Anomaly Analysis using Host-behavior Clustering, [Fabian Wanner], Report
- Anomaly Visibility and Detectability in Sampled Traffic, [Jonathan Gysel], Report
- Flow-level Traffic Generation, [Martin Schreiber], Report
- Monitoring and Debugging ISP Topologies, [Janneth Malibago], Report
- Attack Signature Generation: A Survey, [Rashid Waraich], Report
Teaching
- FS 2009: Communication Networks
HS 2008: Network Security, Seminar on Current Topics in Information Security
FS 2008: Communication Networks
HS 2007: Network Security, Seminar on Current Topics in Information Security
FS 2007: Communication Networks (Coordinator)
Projects
- Intersection: I am working since 2007 in the Intersection EU project
- NoAH: I worked from 2005 to 2008 in the NoAH EU project (NoAH - A European Network of Affined Honeypots)
- Bernhard Tellenbach, Daniela Brauckhoff, Bernhard Plattner:
A Survey on Automated Signature Generation Approaches
TIK Report Nr. 258, February, 2006. [TBP06]
Wichtiger Hinweis:
Diese Website wird in älteren Versionen von Netscape ohne
graphische Elemente dargestellt. Die Funktionalität der
Website ist aber trotzdem gewährleistet. Wenn Sie diese
Website regelmässig benutzen, empfehlen wir Ihnen, auf
Ihrem Computer einen aktuellen Browser zu installieren. Weitere
Informationen finden Sie auf
folgender
Seite.
Important Note:
The content in this site is accessible to any browser or
Internet device, however, some graphics will display correctly
only in the newer versions of Netscape. To get the most out of
our site we suggest you upgrade to a newer browser.
More
information
