Profiling internet backbone traffic: Behavior models and applications

Kuai Xu, Zhi Li Zhang, Supratik Bhattacharyya

Research output: Chapter in Book/Report/Conference proceedingConference contribution

162 Scopus citations

Abstract

Recent spates of cyber-attacks and frequent emergence of applications affecting Internet traffic dynamics have made it imperative to develop effective techniques that can extract, and make sense of, significant communication patterns from Internet traffic data for use in network operations and security management. In this paper, we present a general methodology for building comprehensive behavior profiles of Internet backbone traffic in terms of communication patterns of end-hosts and services. Relying on data mining and information-theoretic techniques, the methodology consists of significant cluster extraction, automatic behavior classification and structural modeling for in-depth interpretive analyses. We validate the methodology using data sets from the core of the Internet. The results demonstrate that it indeed can identify common traffic profiles as well as anomalous behavior patterns that are of interest to network operators and security analysts.

Original languageEnglish (US)
Title of host publicationComputer Communication Review
Pages169-180
Number of pages12
Volume35
Edition4
DOIs
StatePublished - Oct 2005
Externally publishedYes

Keywords

  • Behavior profiles
  • Network monitoring
  • Traffic measurement

ASJC Scopus subject areas

  • Information Systems

Fingerprint Dive into the research topics of 'Profiling internet backbone traffic: Behavior models and applications'. Together they form a unique fingerprint.

  • Cite this

    Xu, K., Zhang, Z. L., & Bhattacharyya, S. (2005). Profiling internet backbone traffic: Behavior models and applications. In Computer Communication Review (4 ed., Vol. 35, pp. 169-180) https://doi.org/10.1145/1090191.1080112