Research Article
Efficient Extraction of Network Event Types from NetFlows
Algorithm 5
Extracting events from proto-events.
| 1: function EXTRACTEVENTS(versionSpace) | | 2: events | | 3: descriptions ParseDescriptions(Descriptions, Dictionary) | | 4: for all protoEvent versionSpace do | | 5: flows protoEvent.flows | | 6: desc (descriptions protoEvent.type) description for event | | 7: repaired = true | | 8: while repaired = true do | | 9: repaired = false | | 10: for all formula desc.Aggregative do | | 11: if flows formula then | | 12: flows subsetSearch(formula, flows) | | 13: repaired = true set was changed redo | | 14: end if | | 15: end for | | 16: end while | | 17: if protoEvent.flows then valid subset was found | | 18: events events protoEvent | | 19: end if | | 20: end for | | 21: return events | | 22: end function |
|
