论文信息 - Graph Based Statistical Analysis of Network Traffic

Graph Based Statistical Analysis of Network Traffic

We propose a method for analyzing traffic data in large computer networks such as big enterprise networks or the Internet. Our approach combines graph theoretical representation of the data and graph analysis with novel statistical methods for discovering pattern and time-related anomalies. We model the traffic as a graph and use temporal characteristics of the data in order to decompose it into subgraphs corresponding to individual sessions, whose characteristics are then analyzed using statistical methods. The goal of that analysis is to discover patterns in the network traffic data that might indicate intrusion activity or other malicious behavior.

S. V. Wiel | H. Djidjev | C. Storlie | G. Sandine

[1] Nathan Mantel,et al. A lofistic rlgression analysis of response-time data where the hazard function is time dependent , 1978 .

[2] Joseph Naus,et al. Approximations for Distributions of Scan Statistics , 1982 .

[3] R. Dennis Cook,et al. Cross-Validation of Regression Models , 1984 .

[4] Wolfgang Gawronski,et al. Analytic properties of noncentral distributions , 2003, Appl. Math. Comput..

[5] Diane J. Cook,et al. Graph-based anomaly detection , 2003, KDD '03.

[6] David J. Marchette,et al. Scan Statistics on Enron Graphs , 2005, Comput. Math. Organ. Theory.

[7] C HUANHAI. Adaptive Thresholds : Monitoring Streams of Network Counts Online , 2006 .

[8] Joseph Naus,et al. Temporal surveillance using scan statistics , 2006, Statistics in medicine.

[9] Michael K. Reiter,et al. Hit-List Worm Detection and Bot Identification in Large Networks Using Protocol Graphs , 2007, RAID.

[10] Michael Mitzenmacher,et al. Network Traffic Analysis using Traffic Dispersion Graphs (TDGs): Techniques and Hardware Implementation , 2007 .

[11] Michael Collins,et al. A protocol graph based anomaly detection system , 2008 .

[12] Michalis Faloutsos,et al. Exploiting dynamicity in graph-based traffic analysis: techniques and applications , 2009, CoNEXT '09.

[13] D. Hand,et al. Bayesian anomaly detection methods for social networks , 2010, 1011.1788.