Machine vision: automated visual inspection and robot vision
Machine vision: automated visual inspection and robot vision
Ten lectures on wavelets
On the self-similar nature of Ethernet traffic
SIGCOMM '93 Conference proceedings on Communications architectures, protocols and applications
Fast subsequence matching in time-series databases
SIGMOD '94 Proceedings of the 1994 ACM SIGMOD international conference on Management of data
Similarity-based queries for time series data
SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
SIGCOMM '97 Proceedings of the ACM SIGCOMM '97 conference on Applications, technologies, architectures, and protocols for computer communication
Locally adaptive dimensionality reduction for indexing large time series databases
SIGMOD '01 Proceedings of the 2001 ACM SIGMOD international conference on Management of data
Time Series Analysis: Forecasting and Control
Time Series Analysis: Forecasting and Control
F4: large-scale automated forecasting using fractals
Proceedings of the eleventh international conference on Information and knowledge management
Realistic BGP traffic for test labs
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
A user-friendly self-similarity analysis tool
ACM SIGCOMM Computer Communication Review
Locating internet routing instabilities
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Combining visual and automated data mining for near-real-time anomaly detection and analysis in BGP
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
HLP: a next generation inter-domain routing protocol
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
A Mathematical Theory of Communication
A Mathematical Theory of Communication
Adaptive, hands-off stream mining
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
Metric forensics: a multi-level approach for mining volatile graphs
Proceedings of the 16th ACM SIGKDD international conference on Knowledge discovery and data mining
BGPfuse: using visual feature fusion for the detection and attribution of BGP anomalies
Proceedings of the Tenth Workshop on Visualization for Cyber Security
Hi-index | 0.00 |
The Border Gateway Protocol (BGP) is one of the fundamental computer communication protocols. Monitoring and mining BGP update messages can directly reveal the health and stability of Internet routing. Here we make two contributions: firstly we find patterns in BGP updates, like self-similarity, power-law and lognormal marginals; secondly using these patterns, we find anomalies. Specifically, we develop BGP-lens, an automated BGP updates analysis tool, that has three desirable properties: (a) It is effective, able to identify phenomena that would otherwise go unnoticed, such as a peculiar 'clothesline' behavior or prolonged 'spikes' that last as long as 8 hours; (b) It is scalable, using algorithms are all linear on the number of time-ticks; and (c) It is admin-friendly, giving useful leads for phenomenon of interest. We showcase the capabilities of BGP-lens by identifying surprising phenomena verified by syadmins, over a massive trace of BGP updates spanning 2 years, from the publicly available site datapository.net.