Automating root-cause analysis of network anomalies using frequent itemset mining

13 years 4 months ago

Download conferences.sigcomm.org

Finding the root-cause of a network security anomaly is essential for network operators. In our recent work [1, 5], we introduced a generic technique that uses frequent itemset mining to automatically extract and summarize the traffic flows causing an anomaly. Our evaluation using two different anomaly detectors (including a commercial one) showed that our approach works surprisingly well extracting the anomalous flows in most studied cases using sampled and unsampled NetFlow traces from two networks. In this demonstration, we will showcase an open-source anomaly-extraction system based on our technique, which we integrated with a commercial anomaly detector and use in the NOC of the G

Ignasi Paredes-Oliva, Xenofontas A. Dimitropoulos,

Real-time Traffic

Anomalous Flows | Commercial Anomaly Detector | Communications | Frequent Itemset Mining | SIGCOMM 2010 |

claim paper

» Towards automated performance diagnosis in a large IPTV network

» Pinpoint Problem Determination in Large Dynamic Internet Services

» A CompressBased Association Mining Algorithm for Large Dataset

» Summarization Compressing Data into an Informative Representation

» Modeling a Stores Product Space as a Social Network

» Mining Attributestructure Correlated Patterns in Large Attributed Graphs

» BAYDA Software for Bayesian Classification and Feature Selection

Post Info
More Details (n/a)

Added	06 Dec 2010
Updated	06 Dec 2010
Type	Conference
Year	2010
Where	SIGCOMM
Authors	Ignasi Paredes-Oliva, Xenofontas A. Dimitropoulos, Maurizio Molina, Pere Barlet-Ros, Daniela Brauckhoff

Comments (0)

Sciweavers

Automating root-cause analysis of network anomalies using frequent itemset mining

Anomalous Flows | Commercial Anomaly Detector | Communications | Frequent Itemset Mining | SIGCOMM 2010 |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers