Network security management with traffic pattern clustering

Authors
Tao-Wei Chiou
Shi-Chun Tsai
Yi-Bing Lin
Affiliation
[1] National Chiao Tung University, Department of Computer Science
Source
Soft Computing | 2014 / Vol. 18
Keywords
Clustering; Machine learning; Jaccard similarity; ROC curve; Denial of service; Big data
Abstract
Profiling network traffic patterns is an important approach for tackling network security problems. Based on campus network infrastructure, we propose a new method to identify randomly generated domain names and pinpoint the potential victim groups. We characterize normal domain names with the so-called popular 2gram (2 consecutive characters in a word) to distinguish between active and nonexistent domain names. We also track the destination IPs of source IPs and analyze the similarity of their connection patterns to uncover potential anomalous group network behaviors. We apply the Hadoop technique to deal with the big data of network traffic and classify the clients as victims or not with the spectral clustering method.
Pages: 1757 / 1770
Page count: 13