Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites
Proceedings of the 11th international conference on World Wide Web
Profiling internet backbone traffic: behavior models and applications
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Mining anomalies using traffic feature distributions
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
BLINC: multilevel traffic classification in the dark
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Identifying Low-ProfileWeb Server's IP Fingerprint
QEST '06 Proceedings of the 3rd international conference on the Quantitative Evaluation of Systems
NetProfiler: profiling wide-area networks using peer cooperation
IPTPS'05 Proceedings of the 4th international conference on Peer-to-Peer Systems
Unconstrained endpoint profiling (googling the internet)
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Efficient application identification and the temporal and spatial stability of classification schema
Computer Networks: The International Journal of Computer and Telecommunications Networking
Impact of IT monoculture on behavioral end host intrusion detection
Proceedings of the 1st ACM workshop on Research on enterprise networking
Perspectives on tracing end-hosts: a survey summary
ACM SIGCOMM Computer Communication Review
The cubicle vs. the coffee shop: behavioral modes in enterprise end-users
PAM'08 Proceedings of the 9th international conference on Passive and active network measurement
Googling the internet: profiling internet endpoints via the world wide web
IEEE/ACM Transactions on Networking (TON)
Behavior profiling and analysis in wireless home networks
CCNC'10 Proceedings of the 7th IEEE conference on Consumer communications and networking conference
Visualizing host traffic through graphs
Proceedings of the Seventh International Symposium on Visualization for Cyber Security
Digging into HTTPS: flow-based classification of webmail traffic
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Quantifying the accuracy of the ground truth associated with Internet traffic traces
Computer Networks: The International Journal of Computer and Telecommunications Networking
On profiling residential customers
TMA'11 Proceedings of the Third international conference on Traffic monitoring and analysis
Proceedings of the 23rd International Teletraffic Congress
A supervised machine learning approach to classify host roles on line using sFlow
Proceedings of the first edition workshop on High performance and programmable networking
IEEE/ACM Transactions on Networking (TON)
Reviewing traffic classification
DataTraffic Monitoring and Analysis
| Hi-index | 0.00 |
Profiling is emerging as a useful tool for a variety of diagnosis and security applications. Existing profiles are often narrowly focused in terms of the data they capture or the application they target. In this paper, we seek to design general end-host profiles capable of capturing and representing a broad range of user activity and behavior. We first present a novel methodology to profiling that uses a graph-based structure to represent and distill flow level information at the transport layer. Second, we develop mechanisms to: (a) summarize the information, and (b) adaptively evolve it over time.We conduct an initial study of our profiles on real user data, and observe that our method generates a compact, robust and intuitive description of user behavior.