Automating root-cause analysis of network anomalies using frequent itemset mining (2010)
| Content Provider | CiteSeerX |
|---|---|
| Author | Paredes-Oliva, Ignasi; Brauckhoff, Daniela; Barlet-Ros, Pere; Molina, Maurizio |
| Description | ACM SIGCOMM Computer Communication Review |
| Abstract | Finding the root-cause of a network security anomaly is essential for network operators. In our recent work [1, 5], we introduced a generic technique that uses frequent itemset mining to automatically extract and summarize the traffic flows causing an anomaly. Our evaluation using two different anomaly detectors (including a commercial one) showed that our approach works surprisingly well extracting the anomalous flows in most studied cases using sampled and unsampled NetFlow traces from two networks. In this demonstration, we will showcase an open-source anomaly-extraction system based on our technique, which we integrated with a commercial anomaly detector and use in the NOC of the GÉANT network since late 2009. We will report a number of detected security anomalies and will illustrate how an operator can use our system to automatically extract and summarize anomalous flows. |
| File Format | |
| Publisher Date | 2010-01-01 |
| Access Restriction | Open |
| Subject Keyword | Anomalous Flow; Frequent Itemset Mining; Detected Security Anomaly; Studied Case; Commercial Anomaly Detector; Commercial One; Different Anomaly Detector; Root-cause Analysis; Network Anomaly; Generic Technique; Open-source Anomaly-extraction System; GÉANT Network; Network Security Anomaly; Unsampled NetFlow Trace |
| Content Type | Text |