The open-source software RRDtool and Cricket provide a solution to the problem of collecting, storing, and visualizing service network time series data for the real-time monitoring task. However, simultaneously monitoring all service network time series of interest is an impossible task even for the accomplished network technician. The solution is to integrate a mathematical model for automatic aberrant behavior detection in time series into the monitoring software. While there are many such models one might choose, the primary goal should be a model compatible with real-time monitoring. At WebTV, the solution was to integrate a model based on exponential smoothing and Holt-Winters forecasting into the Cricket/RRDtool architecture. While perhaps not optimal, this solution is flexible, efficient, and effective as a tool for automatic aberrant behavior detection.
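The approach the abstract describes, sketched as an added example; this is not code from the paper, RRDtool, or Cricket. The abstract names only exponential smoothing and Holt-Winters forecasting, so the deviation band, its floor, all parameter values, the function names, and the traffic series are assumptions constructed for illustration.

```python
import math

def detect_aberrations(series, period, alpha=0.2, beta=0.02, gamma=0.1,
                       delta=3.0, min_band=15.0):
    """Flag indices outside forecast +/- band (additive Holt-Winters).

    forecast = level + trend + seasonal[t % period]; band is delta times the
    smoothed absolute error for that slot, floored at min_band. The band rule
    and every parameter value here are assumptions of this example.
    """
    first = series[:period]
    level = sum(first) / period              # baseline from the first season
    trend = 0.0
    seasonal = [y - level for y in first]    # per-slot offset from baseline
    deviation = [0.0] * period               # per-slot smoothed |error|
    flagged = []
    for t in range(period, len(series)):
        slot = t % period
        forecast = level + trend + seasonal[slot]
        band = max(delta * deviation[slot], min_band)
        y = series[t]
        if abs(y - forecast) > band:
            flagged.append(t)
            y = forecast   # example's choice: an aberration does not retrain the model
        prev_level = level
        level = alpha * (y - seasonal[slot]) + (1 - alpha) * (level + trend)
        trend = beta * (level - prev_level) + (1 - beta) * trend
        seasonal[slot] = gamma * (y - level) + (1 - gamma) * seasonal[slot]
        deviation[slot] = gamma * abs(y - forecast) + (1 - gamma) * deviation[slot]
    return flagged

def constructed_traffic(days=6, period=24):
    """Constructed hourly request rate: daily sine cycle plus small jitter."""
    out = []
    for i in range(days * period):
        cycle = 200 + 80 * math.sin(2 * math.pi * (i % period) / period)
        out.append(cycle + ((i * 7) % 5) - 2)
    return out

SERIES = constructed_traffic()
SERIES[100] += 150                 # constructed spike, e.g. a traffic flood
for i in range(120, 124):          # constructed four-hour outage
    SERIES[i] = 0.0
FLAGGED = detect_aberrations(SERIES, period=24)
print(FLAGGED)
```

Because each update touches only the current slot's state, the cost per sample is constant, which is what makes this family of models compatible with real-time monitoring.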