Mostra el registre d'ítem simple
Automating root-cause analysis of network anomalies using frequent itemset mining
dc.contributor.author | Paredes Oliva, Ignasi |
dc.contributor.author | Dimitropoulos, Xenofontas |
dc.contributor.author | Molina, Maurizio |
dc.contributor.author | Barlet Ros, Pere |
dc.contributor.author | Brauckhoff, Daniela |
dc.contributor.other | Universitat Politècnica de Catalunya. Departament d'Arquitectura de Computadors |
dc.date.accessioned | 2011-12-29T09:45:44Z |
dc.date.available | 2011-12-29T09:45:44Z |
dc.date.created | 2010 |
dc.date.issued | 2010 |
dc.identifier.citation | Paredes Oliva, Ignasi [et al.]. Automating root-cause analysis of network anomalies using frequent itemset mining. A: ACM SIGCOMM Special Interest Group on Data Communications. "Compilation Proceeding of SIGCOMM 2010 & the Co-Located Workshops". Nova Delhi: ACM Press. Association for Computing Machinery, 2010, p. 467-468. |
dc.identifier.isbn | 978-1-4503-0200-5 |
dc.identifier.uri | http://hdl.handle.net/2117/14346 |
dc.description.abstract | Finding the root-cause of a network security anomaly is essential for network operators. In our recent work [1, 5], we introduced a generic technique that uses frequent itemset mining to automatically extract and summarize the traffic flows causing an anomaly. Our evaluation using two different anomaly detectors (including a commercial one) showed that our approach works surprisingly well extracting the anomalous flows in most studied cases using sampled and unsampled NetFlow traces from two networks. In this demonstration, we will showcase an open-source anomaly-extraction system based on our technique, which we integrated with a commercial anomaly detector and use in the NOC of the GÉANT network since late 2009. We will report a number of detected security anomalies and will illustrate how an operator can use our system to automatically extract and summarize anomalous flows. |
dc.format.extent | 2 p. |
dc.language.iso | eng |
dc.publisher | ACM Press. Association for Computing Machinery |
dc.rights | Attribution-NonCommercial-NoDerivs 3.0 Spain |
dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/3.0/es/ |
dc.subject | Àrees temàtiques de la UPC::Enginyeria de la telecomunicació::Telemàtica i xarxes d'ordinadors |
dc.subject.lcsh | Computer networks -- Security measures |
dc.subject.other | Anomaly extraction |
dc.subject.other | Anomaly validation |
dc.subject.other | Association rules |
dc.title | Automating root-cause analysis of network anomalies using frequent itemset mining |
dc.type | Conference lecture |
dc.subject.lemac | Ordinadors, Xarxes d' -- Mesures de seguretat |
dc.contributor.group | Universitat Politècnica de Catalunya. CBA - Sistemes de Comunicacions i Arquitectures de Banda Ampla |
dc.description.peerreviewed | Peer Reviewed |
dc.rights.access | Open Access |
local.identifier.drac | 4421315 |
dc.description.version | Postprint (published version) |
local.citation.author | Paredes Oliva, Ignasi; Dimitropoulos, X.; Molina, M.; Barlet, P.; Brauckhoff, D. |
local.citation.contributor | ACM SIGCOMM Special Interest Group on Data Communications |
local.citation.pubplace | Nova Delhi |
local.citation.publicationName | Compilation Proceeding of SIGCOMM 2010 & the Co-Located Workshops |
local.citation.startingPage | 467 |
local.citation.endingPage | 468 |