Data structures and network algorithms
Data structures and network algorithms
IEEE Transactions on Software Engineering - Special issue on computer security and privacy
ACM Computing Surveys (CSUR)
An end-to-end approach to host mobility
MobiCom '00 Proceedings of the 6th annual international conference on Mobile computing and networking
ACM Transactions on Computer Systems (TOCS)
Introduction to the Theory of Computation
Introduction to the Theory of Computation
On Clustering Validation Techniques
Journal of Intelligent Information Systems
IEEE Transactions on Visualization and Computer Graphics
Navigating large networks with hierarchies
VIS '93 Proceedings of the 4th conference on Visualization '93
FlowScan: A Network Traffic Flow Reporting and Visualization Tool
LISA '00 Proceedings of the 14th USENIX conference on System administration
Mapping and visualizing the internet
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
Pandora: a flexible network monitoring platform
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
A first look at modern enterprise traffic
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
Leveraging good intentions to reduce unwanted network traffic
SRUTI'06 Proceedings of the 2nd conference on Steps to Reducing Unwanted Traffic on the Internet - Volume 2
Network monitoring using traffic dispersion graphs (tdgs)
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Graph summarization with bounded error
Proceedings of the 2008 ACM SIGMOD international conference on Management of data
Exploiting dynamicity in graph-based traffic analysis: techniques and applications
Proceedings of the 5th international conference on Emerging networking experiments and technologies
Graph-based P2P traffic classification at the internet backbone
INFOCOM'09 Proceedings of the 28th IEEE international conference on Computer Communications Workshops
Exploring graph-based network traffic monitoring
INFOCOM'09 Proceedings of the 28th IEEE international conference on Computer Communications Workshops
The cubicle vs. the coffee shop: behavioral modes in enterprise end-users
PAM'08 Proceedings of the 9th international conference on Passive and active network measurement
A first look at traffic classification in enterprise networks
Proceedings of the 6th International Wireless Communications and Mobile Computing Conference
Monitoring abnormal traffic flows based on independent component analysis
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Link homophily in the application layer and its usage in traffic classification
INFOCOM'10 Proceedings of the 29th conference on Information communications
Dynamic feature analysis and measurement for large-scale network traffic monitoring
IEEE Transactions on Information Forensics and Security
Graption: A graph-based P2P traffic classification framework for the internet backbone
Computer Networks: The International Journal of Computer and Telecommunications Networking
Monitoring abnormal network traffic based on blind source separation approach
Journal of Network and Computer Applications
Analysis of communities of interest in data networks
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
A supervised machine learning approach to classify host roles on line using sFlow
Proceedings of the first edition workshop on High performance and programmable networking
IEEE/ACM Transactions on Networking (TON)
Hi-index | 0.00 |
Role classification involves grouping hosts into related roles. It exposes the logical structure of a network, simplifies network management tasks such as policy checking and network segmentation, and can be used to improve the accuracy of network monitoring and analysis algorithms such as intrusion detection. This paper defines the role classification problem and introduces two practical algorithms that group hosts based on observed connection patterns while dealing with changes in these patterns over time. The algorithms have been implemented in a commercial network monitoring and analysis product for enterprise networks. Results from grouping two enterprise networks show that the number of groups identified by our algorithms can be two orders of magnitude smaller than the number of hosts and that the way our algorithms group hosts highly reflect the logical structure of the networks.