A New Method of Detecting Network Traffic Anomalies

Abstract:

As Internet communications and applications become more and more complex, accurately describing network traffic and rapidly detecting network traffic anomalies have become increasingly challenging tasks. In this paper, we present a framework and method for monitoring network traffic by measuring the dynamic changes of host communities. An unweighted, undirected host interaction network (HIN) is built by extracting the social-behavioral characteristics of network traffic. A host community is defined on the basis of social-behavior similarity in the HIN, and five features are then proposed to capture host community changes. Finally, the method is evaluated on two real-world network traffic data sets, and the experimental results show that it can effectively capture the dynamic changes of host communities to monitor network traffic.

Pages: 912-916

Online since: August 2013

Copyright: © 2013 Trans Tech Publications Ltd. All Rights Reserved
