A survey on network data collection

Donghao Zhou, Zheng Yan*, Yulong Fu, Zhen Yao

*Corresponding author for this work

    Research output: Contribution to journalReview Articlepeer-review

    88 Citations (Scopus)
    336 Downloads (Pure)

    Abstract

    Networks have dramatically changed our daily life and infiltrated all aspects of human society. At the same time when we enjoy the convenience and benefits brought by the networks, we also suffer from a great amount of intelligent attacks and malicious intrusions. As a fundamental procedure of network security measurement, network data collection executes real time network monitoring, supports network performance evaluation, assists network billing, and helps traffic testing and filtering. Thus, it plays a crucial and essential role for dealing with network intrusion detection and unwanted traffic control. But an adaptive and effective data collection mechanism that can be pervasively applied into heterogeneous networks is still lacked. The literature we have hunted rarely comments and compares the performance of existing data collection mechanisms. In this paper, we conduct a survey on existing data collection methods, mechanisms and architectures. According to a number of proposed assessment criteria, we evaluate the performance of existing data collection mechanisms and summarize their characteristics. Furthermore, we figure out some open issues based our investigation and forecast future research directions.

    Original languageEnglish
    Pages (from-to)9-23
    Number of pages15
    JournalJournal of Network and Computer Applications
    Volume116
    DOIs
    Publication statusPublished - 15 Aug 2018
    MoE publication typeA2 Review article, Literature review, Systematic review

    Keywords

    • Attack detection
    • Intrusion detection
    • Network data collection
    • Network management
    • Network security
    • Packet capture

    Fingerprint

    Dive into the research topics of 'A survey on network data collection'. Together they form a unique fingerprint.

    Cite this