Bayesian classification (AutoClass): theory and results
Advances in knowledge discovery and data mining
BGP routing stability of popular destinations
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Accurate, scalable in-network identification of p2p traffic using application signatures
Proceedings of the 13th international conference on World Wide Web
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Internet traffic classification using bayesian analysis techniques
SIGMETRICS '05 Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
BLINC: multilevel traffic classification in the dark
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
ACAS: automated construction of application signatures
Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data
Automated Traffic Classification and Application Identification using Machine Learning
LCN '05 Proceedings of the The IEEE Conference on Local Computer Networks 30th Anniversary
PRIMED: community-of-interest-based DDoS mitigation
Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
Traffic classification using clustering algorithms
Proceedings of the 2006 SIGCOMM workshop on Mining network data
Is sampled data sufficient for anomaly detection?
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
iPlane: an information plane for distributed services
OSDI '06 Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation - Volume 7
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Measurement and analysis of online social networks
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Using uncleanliness to predict future botnet addresses
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Early application identification
CoNEXT '06 Proceedings of the 2006 ACM CoNEXT conference
PAM'07 Proceedings of the 8th international conference on Passive and active network measurement
Toward the accurate identification of network applications
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
Analysis of peer-to-peer traffic on ADSL
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
GTVS: Boosting the Collection of Application Traffic Ground Truth
TMA '09 Proceedings of the First International Workshop on Traffic Monitoring and Analysis
Revealing the Unknown ADSL Traffic Using Statistical Methods
TMA '09 Proceedings of the First International Workshop on Traffic Monitoring and Analysis
BotGAD: detecting botnets by capturing group activities in network traffic
Proceedings of the Fourth International ICST Conference on COMmunication System softWAre and middlewaRE
GT: picking up the truth from the ground for internet traffic
ACM SIGCOMM Computer Communication Review
Challenging statistical classification for operational usage: the ADSL case
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
Graph-based P2P traffic classification at the internet backbone
INFOCOM'09 Proceedings of the 28th IEEE international conference on Computer Communications Workshops
Googling the internet: profiling internet endpoints via the world wide web
IEEE/ACM Transactions on Networking (TON)
Link homophily in the application layer and its usage in traffic classification
INFOCOM'10 Proceedings of the 29th conference on Information communications
Understanding block-level address usage in the visible internet
Proceedings of the ACM SIGCOMM 2010 conference
Unsupervised host behavior classification from connection patterns
International Journal of Network Management
How to tell an airport from a home: techniques and applications
Hotnets-IX Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks
Detecting algorithmically generated malicious domain names
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Profiling-By-Association: a resilient traffic profiling solution for the internet backbone
Proceedings of the 6th International COnference
Graption: A graph-based P2P traffic classification framework for the internet backbone
Computer Networks: The International Journal of Computer and Telecommunications Networking
Understanding end-user perception of network problems
Proceedings of the first ACM SIGCOMM workshop on Measurements up the stack
ACM Transactions on the Web (TWEB)
Proceedings of the 23rd International Teletraffic Congress
Detecting, validating and characterizing computer infections in the wild
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
Uncovering relations between traffic classifiers and anomaly detectors via graph theory
TMA'10 Proceedings of the Second international conference on Traffic Monitoring and Analysis
A Modular Machine Learning System for Flow-Level Traffic Classification in Large Networks
ACM Transactions on Knowledge Discovery from Data (TKDD)
An application-level content generative model for network applications
Proceedings of the 5th International ICST Conference on Simulation Tools and Techniques
Detecting algorithmically generated domain-flux attacks with DNS traffic analysis
IEEE/ACM Transactions on Networking (TON)
A supervised machine learning approach to classify host roles on line using sFlow
Proceedings of the first edition workshop on High performance and programmable networking
Shedding light on log correlation in network forensics analysis
DIMVA'12 Proceedings of the 9th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Exploring EDNS-client-subnet adopters in your free time
Proceedings of the 2013 conference on Internet measurement conference
EFFORT: A new host-network cooperated framework for efficient and effective bot malware detection
Computer Networks: The International Journal of Computer and Telecommunications Networking
IEEE/ACM Transactions on Networking (TON)
| Hi-index | 0.02 |
Understanding Internet access trends at a global scale, i.e., what do people do on the Internet, is a challenging problem that is typically addressed by analyzing network traces. However, obtaining such traces presents its own set of challenges owing to either privacy concerns or to other operational difficulties. The key hypothesis of our work here is that most of the information needed to profile the Internet endpoints is already available around us - on the web. In this paper, we introduce a novel approach for profiling and classifying endpoints. We implement and deploy a Google-based profiling tool, which accurately characterizes endpoint behavior by collecting and strategically combining information freely available on the web. Our 'unconstrained endpoint profiling' approach shows remarkable advances in the following scenarios: (i) Even when no packet traces are available, it can accurately predict application and protocol usage trends at arbitrary networks; (ii) When network traces are available, it dramatically outperforms state-of-the-art classification tools; (iii) When sampled flow-level traces are available, it retains high classification capabilities when other schemes literally fall apart. Using this approach, we perform unconstrained endpoint profiling at a global scale: for clients in four different world regions (Asia, South and North America and Europe). We provide the first-of-its-kind endpoint analysis which reveals fascinating similarities and differences among these regions.