Exploiting dynamicity in graph-based traffic analysis

Authors: Marios Iliofotou, Michalis Faloutsos, Michael Mitzenmacher

DOI: 10.1145/1658939.1658967

Keywords: Traffic generation model, Computer science, Network traffic control, Traffic analysis, Traffic classification, Network traffic simulation, Theoretical computer science, Distributed computing, Network monitoring, Legacy system, Graph (abstract data type)

Abstract: Network traffic can be represented by a Traffic Dispersion Graph (TDG) that contains an edge between two nodes that send a particular type of traffic (e.g., DNS) to one another. TDGs have recently been proposed as an alternative way to interpret and visualize network traffic. Previous studies focused on static properties of TDGs using graph snapshots in isolation. In this work, we represent network traffic with a series of related graph instances that change over time. This representation facilitates the analysis of the dynamic nature of network traffic, providing additional descriptive power. For example, DNS and P2P graph instances can appear similar when compared in isolation, but the way they change over time differs significantly. To quantify the changes over time, we introduce novel metrics that capture changes both in the graph structure (e.g., the average degree) and in the participants (i.e., IP addresses) of a TDG. We apply our new methodologies to improve graph-based traffic classification and to detect changes in the profile of legacy applications (e.g., e-mail).
