Hypersparse Traffic Matrices from Suricata Network Flows using GraphBLAS
Michael Houle, Michael Jones, Dan Wallmeyer, Risa Brodeur, Justin, Burr, Hayden Jananthan, Sam Merrell, Peter Michaleas, Anthony Perez, Andrew, Prout, Jeremy Kepner
TL;DR
This paper presents a method to efficiently construct hypersparse network traffic matrices from Suricata flow records using the GraphBLAS library, enabling better analysis of network traffic patterns.
Contribution
It introduces a novel approach combining Suricata and GraphBLAS to build hypersparse traffic matrices efficiently, advancing network traffic analysis techniques.
Findings
Efficient construction of hypersparse matrices from network flows.
Enhanced analysis capabilities for large-scale network traffic.
Open source implementation using SuiteSparse: GraphBLAS.
Abstract
Hypersparse traffic matrices constructed from network packet source and destination addresses is a powerful tool for gaining insights into network traffic. SuiteSparse: GraphBLAS, an open source package or building, manipulating, and analyzing large hypersparse matrices, is one approach to constructing these traffic matrices. Suricata is a widely used open source network intrusion detection software package. This work demonstrates how Suricata network flow records can be used to efficiently construct hypersparse matrices using GraphBLAS.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsGraph Theory and Algorithms · Gene expression and cancer classification