
dc.contributor.author: Paredes Oliva, Ignasi
dc.contributor.author: Dimitropoulos, Xenofontas
dc.contributor.author: Molina, Maurizio
dc.contributor.author: Barlet Ros, Pere
dc.contributor.author: Brauckhoff, Daniela
dc.contributor.other: Universitat Politècnica de Catalunya. Departament d'Arquitectura de Computadors
dc.date.accessioned: 2011-12-29T09:45:44Z
dc.date.available: 2011-12-29T09:45:44Z
dc.date.created: 2010
dc.date.issued: 2010
dc.identifier.citation: Paredes Oliva, Ignasi [et al.]. Automating root-cause analysis of network anomalies using frequent itemset mining. In: ACM SIGCOMM Special Interest Group on Data Communications. "Compilation Proceeding of SIGCOMM 2010 & the Co-Located Workshops". New Delhi: ACM Press. Association for Computing Machinery, 2010, p. 467-468.
dc.identifier.isbn: 978-1-4503-0200-5
dc.identifier.uri: http://hdl.handle.net/2117/14346
dc.description.abstract: Finding the root-cause of a network security anomaly is essential for network operators. In our recent work [1, 5], we introduced a generic technique that uses frequent itemset mining to automatically extract and summarize the traffic flows causing an anomaly. Our evaluation using two different anomaly detectors (including a commercial one) showed that our approach works surprisingly well extracting the anomalous flows in most studied cases using sampled and unsampled NetFlow traces from two networks. In this demonstration, we will showcase an open-source anomaly-extraction system based on our technique, which we integrated with a commercial anomaly detector and use in the NOC of the GÉANT network since late 2009. We will report a number of detected security anomalies and will illustrate how an operator can use our system to automatically extract and summarize anomalous flows.
dc.format.extent: 2 p.
dc.language.iso: eng
dc.publisher: ACM Press. Association for Computing Machinery
dc.rights: Attribution-NonCommercial-NoDerivs 3.0 Spain
dc.rights.uri: http://creativecommons.org/licenses/by-nc-nd/3.0/es/
dc.subject: UPC subject areas::Telecommunication engineering::Telematics and computer networks
dc.subject.lcsh: Computer networks -- Security measures
dc.subject.other: Anomaly extraction
dc.subject.other: Anomaly validation
dc.subject.other: Association rules
dc.title: Automating root-cause analysis of network anomalies using frequent itemset mining
dc.type: Conference lecture
dc.subject.lemac: Computer networks -- Security measures
dc.contributor.group: Universitat Politècnica de Catalunya. CBA - Sistemes de Comunicacions i Arquitectures de Banda Ampla
dc.description.peerreviewed: Peer Reviewed
dc.rights.access: Open Access
local.identifier.drac: 4421315
dc.description.version: Postprint (published version)
local.citation.author: Paredes Oliva, Ignasi; Dimitropoulos, X.; Molina, M.; Barlet, P.; Brauckhoff, D.
local.citation.contributor: ACM SIGCOMM Special Interest Group on Data Communications
local.citation.pubplace: New Delhi
local.citation.publicationName: Compilation Proceeding of SIGCOMM 2010 & the Co-Located Workshops
local.citation.startingPage: 467
local.citation.endingPage: 468

