Defensive Publications Series

CORRELATION OF EXTENDED BERKELEY PACKET FILTER DATA, NETWORK FLOW, AND APPLICATION DATA TO ACHIEVE DEEPER INSIGHTS

Tim Szigeti
Dave Zacks
Ted Hulick

Abstract

Proposed herein are techniques to correlate together data derived from extended Berkeley Packet Filter (eBPF) visibility on hosts, combined with network data, such as that derived from monitored network traffic, and end host data, such as that derived from network visibility tools or other similar network monitoring tools/sources, in order to drive deeper visibility into traffic flows across network, and potential policy outcomes in mid-span network devices based on these correlations and the insights they provide.

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 License.

Recommended Citation

Szigeti, Tim; Zacks, Dave; and Hulick, Ted, "CORRELATION OF EXTENDED BERKELEY PACKET FILTER DATA, NETWORK FLOW, AND APPLICATION DATA TO ACHIEVE DEEPER INSIGHTS", Technical Disclosure Commons, (June 26, 2024)
https://www.tdcommons.org/dpubs_series/7141

Download

COinS

Technical Disclosure Commons

Defensive Publications Series

CORRELATION OF EXTENDED BERKELEY PACKET FILTER DATA, NETWORK FLOW, AND APPLICATION DATA TO ACHIEVE DEEPER INSIGHTS

Abstract

Creative Commons License

Recommended Citation

Browse

Search

Submit

Additional Information

Technical Disclosure Commons

Defensive Publications Series

CORRELATION OF EXTENDED BERKELEY PACKET FILTER DATA, NETWORK FLOW, AND APPLICATION DATA TO ACHIEVE DEEPER INSIGHTS

Inventor(s)

Abstract

Creative Commons License

Recommended Citation

Share

Browse

Search

Submit

Additional Information