Profiling internet backbone traffic: behavior models and applications
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Recent spates of cyber-attacks and frequent emergence of applications affecting Internet traffic dynamics have made it imperative to develop effective techniques that can extract, and make sense of, significant communication patterns from Internet traffic data for use in network operations and security management. In this paper, we present a general methodology for building comprehensive behavior profiles of Internet backbone traffic in terms of communication patterns of end-hosts and services. Relying on data mining and entropy-based techniques, the methodology consists of significant cluster extraction, automatic behavior classification and structural modeling for in-depth interpretive analyses. We validate the methodology using data sets from the core of the Internet.