@inproceedings{6ab68f6a971c49448478888e47260761,
title = "NTFA: Network Flow Aggregator",
abstract = "Network intrusion detection systems (NIDS) play a vital role in defending against cybersecurity threats. One effective way of detecting attacks is to analyse their footprint on the network traffic logs. Flow-based logging is a standard method for logging network traffic. Given the high volume of traffic, it is impractical to analyse it manually. This is where machine learning can play a great role by automatically analysing traffic logs and identifying attacks. One way to process the flow data is to aggregate the information and extract insight from the aggregated network traffic. This paper presents an open-source aggregator NTFA (Network Flow Aggregator). This customisable network flow aggregator can aggregate flow-based data in the standard NetFlow format by time as well as by other criteria, while offering the operator the option of using different time windows. To evaluate the suitability of the output aggregates for the intrusion detection task, we use this tool to aggregate the CIDDS-001 dataset and train a classifier using a decision tree algorithm. The model can classify aggregated network traffic data with an accuracy of 99.8%. Our experiment demonstrates that the aggregated data can be used in various machine-learning research projects or industries related to intrusion detection scenarios.",
keywords = "CIDDS, Netflow, Network Intrusion Detection",
author = "Kayvan Karim and {Ragab Hassen}, Hani and Hadj Batatia",
note = "Publisher Copyright: {\textcopyright} 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.; 2nd International Conference on Applied Cyber Security 2023, ACS 2023 ; Conference date: 29-04-2023 Through 29-04-2023",
year = "2023",
month = sep,
day = "8",
doi = "10.1007/978-3-031-40598-3_3",
language = "English",
isbn = "9783031405976",
series = "Lecture Notes in Networks and Systems",
publisher = "Springer",
pages = "21--28",
editor = "Hind Zantout and {Ragab Hassen}, Hani",
booktitle = "Proceedings of the International Conference on Applied Cybersecurity (ACS) 2023",
}