Title :
Internet Traffic Behavior Profiling for Network Security Monitoring
Author :
Xu, Kuai ; Zhang, Zhi-Li ; Bhattacharyya, Supratik
Author_Institution :
Yahoo, Sunnyvale, CA
Abstract :
Recent spates of cyber-attacks and frequent emergence of applications affecting Internet traffic dynamics have made it imperative to develop effective techniques that can extract, and make sense of, significant communication patterns from Internet traffic data for use in network operations and security management. In this paper, we present a general methodology for building comprehensive behavior profiles of Internet backbone traffic in terms of communication patterns of end-hosts and services. Relying on data mining and entropy-based techniques, the methodology consists of significant cluster extraction, automatic behavior classification and structural modeling for in-depth interpretive analyses. We validate the methodology using data sets from the core of the Internet.
Keywords :
Internet; computer network management; data mining; telecommunication security; telecommunication traffic; Internet traffic behavior profiling; automatic behavior classification; cluster extraction; cyber-attacks; data mining; data sets; entropy-based techniques; in-depth interpretive analysis; network security monitoring; security management; structural modeling; Anomaly behavior; monitoring; traffic profiling;
Journal_Title :
Networking, IEEE/ACM Transactions on
DOI :
10.1109/TNET.2007.911438
