Automating Root-Cause Analysis of Network Anomalies using Frequent Itemset Mining

Author
Paredes Oliva, Ignasi; Dimitropoulos, X.; Molina, M.; Barlet, P.; Brauckhoff, D.
Activity type
Journal article
Journal
Computer communication review
Publication date
2010-10
Volume
40
Issue
4
First page
467
Last page
468
DOI
https://doi.org/10.1145/1851275.1851267
URL
http://conferences.sigcomm.org/sigcomm/2010/papers/sigcomm/p467.pdf
Abstract
Finding the root-cause of a network security anomaly is essential for network operators. In our recent work [1, 5], we introduced a generic technique that uses frequent itemset mining to automatically extract and summarize the traffic flows causing an anomaly. Our evaluation using two different anomaly detectors (including a commercial one) showed that our approach works surprisingly well extracting the anomalous flows in most studied cases using sampled and unsampled NetFlow traces from two net...
Keywords
Anomaly extraction, Design, Experimentation, Measurement, Security, Verification, anomaly validation, association rules
Research group
CBA - Sistemes de Comunicacions i Arquitectures de Banda Ampla

Participants

  • Paredes Oliva, Ignasi  (author)
  • Dimitropoulos, Xenofontas  (author)
  • Molina, Mauricio  (author)
  • Barlet Ros, Pere  (author)
  • Brauckhoff, Daniela  (author)