• DocumentCode
    1076032
  • Title

    Internet Traffic Behavior Profiling for Network Security Monitoring

  • Author

    Xu, Kuai ; Zhang, Zhi-Li ; Bhattacharyya, Supratik

  • Author_Institution
    Yahoo, Sunnyvale, CA
  • Volume
    16
  • Issue
    6
  • fYear
    2008
  • Firstpage
    1241
  • Lastpage
    1252
  • Abstract
    Recent spates of cyber-attacks and frequent emergence of applications affecting Internet traffic dynamics have made it imperative to develop effective techniques that can extract, and make sense of, significant communication patterns from Internet traffic data for use in network operations and security management. In this paper, we present a general methodology for building comprehensive behavior profiles of Internet backbone traffic in terms of communication patterns of end-hosts and services. Relying on data mining and entropy-based techniques, the methodology consists of significant cluster extraction, automatic behavior classification and structural modeling for in-depth interpretive analyses. We validate the methodology using data sets from the core of the Internet.
  • Keywords
    Internet; computer network management; data mining; telecommunication security; telecommunication traffic; Internet traffic behavior profiling; automatic behavior classification; cluster extraction; cyber-attacks; data mining; data sets; entropy-based techniques; in-depth interpretive analysis; network security monitoring; security management; structural modeling; Anomaly behavior; monitoring; traffic profiling;
  • fLanguage
    English
  • Journal_Title
    Networking, IEEE/ACM Transactions on
  • Publisher
    ieee
  • ISSN
    1063-6692
  • Type

    jour

  • DOI
    10.1109/TNET.2007.911438
  • Filename
    4455451
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1076032