Profiling internet backbone traffic: behavior models and applications

Authors: Kuai Xu, Zhi-Li Zhang, Supratik Bhattacharyya

DOI: 10.1145/1080091.1080112

Abstract: Recent spates of cyber-attacks and frequent emergence of applications affecting Internet traffic dynamics have made it imperative to develop effective techniques that can extract, and make sense of, significant communication patterns from Internet traffic data for use in network operations and security management. In this paper, we present a general methodology for building comprehensive behavior profiles of Internet backbone traffic in terms of communication patterns of end-hosts and services. Relying on data mining and information-theoretic techniques, the methodology consists of significant cluster extraction, automatic behavior classification and structural modeling for in-depth interpretive analyses. We validate the methodology using data sets from the core of the Internet. The results demonstrate that it indeed can identify common traffic profiles as well as anomalous behavior patterns that are of interest to network operators and security analysts.
