Title :
Structure-based Data Mining and Screening for Network Traffic Data
Author :
Tsuruta, Hisashi ; Shoudai, Takayoshi
Author_Institution :
Dept. of Inf., Kyushu Univ., Fukuoka, Japan
fDate :
Aug. 31 2013-Sept. 4 2013
Abstract :
Darknet monitoring plays an important role for understanding various botnet activities for early detection of the threats on the Internet caused by the botnets. However, common illegal accesses by ordinary malware make such detection difficult. To remove such accesses by ordinary malware from the results of network monitoring, Tsuruta et al. (2012) proposed an automatic data screening method by discovering frequent string-based patterns appearing in observed network traffic data. In this paper, we propose a data mining and screening method based on 2-edge-connected bipartite graph structures. We applied our method to network traffic data observed in the darknet and report the results.
Keywords :
Internet; computer network security; data mining; graph theory; invasive software; telecommunication traffic; 2-edge-connected bipartite graph structures; Internet; automatic data screening method; botnet activity; darknet monitoring; frequent string-based patterns; network monitoring; network traffic data; ordinary malware; structure-based data mining; Bipartite graph; Data mining; Databases; IP networks; Internet; Malware; Monitoring; 2-edge-connected bipartite graph; darknet monitoring; data mining; data screening; graph pattern;
Conference_Titel :
Advanced Applied Informatics (IIAIAAI), 2013 IIAI International Conference on
Conference_Location :
Los Alamitos, CA
Print_ISBN :
978-1-4799-2134-8
DOI :
10.1109/IIAI-AAI.2013.78
