Abstract
This paper presents current work for the detection of anomalies in Netflow records by leveraging a kernel function method. Netflow records are spatially aggregated over time, such that the designed kernel function can capture topological and quantitative changes in network traffic time series.
Chapter PDF
Similar content being viewed by others
References
Cho, K., Kaizaki, R., Kato, A.: Aguri: An Aggregation-Based Traffic Profiler. In: Smirnov, M., Crowcroft, J., Roberts, J., Boavida, F. (eds.) QofIS 2001. LNCS, vol. 2156, pp. 222–242. Springer, Heidelberg (2001)
Culotta, A., Sorensen, J.: Dependency Tree Kernels for Relation Extraction. In: 42nd Ann. Meet. on Association for Computational Linguistics, Spain (2004)
Estan, C.: Building a better NetFlow. In: Proceedings of the 2004 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, pp. 245–256 (2004)
Kahn, L., Awad, M., Thuraisungham, B.: A new intrusion detection system using support vector machines and hierarchical clustering. The VLDB Journal 16(4), 507–521 (2007)
Kaizaki, R., Nakamura, O., Murai, J.: Characteristics of Denial of Service Attacks on Internet Using Aguri. In: Kahng, H.-K. (ed.) ICOIN 2003. LNCS, vol. 2662, pp. 849–857. Springer, Heidelberg (2003)
Karagiannis, T., Papagiannaki, K., Faloutsos, M.: BLINC: Multilevel Traffic Classification in the Dark. In: ACM SIGCOMM 2005, Pennsylvania, USA (2005)
Karpilovsky, E., Gerber, A., Pei, D., Rexford, J., Shaikh, A.: Quantifying the Extent of IPv6 Deployment. In: Moon, S.B., Teixeira, R., Uhlig, S. (eds.) PAM 2009. LNCS, vol. 5448, pp. 13–22. Springer, Heidelberg (2009)
Lakhina, A., Crovella, M., Diot, C.: Mining Anomalies Using Traffic Feature Distributions. In: ACM SIGCOMM 2005, Philadelphia, Pennsylvania, USA (2005)
McGregor, A., Hall, M., Lorier, P., Brunskill, J.: Flow Clustering Using Machine Learning Techniques. In: Barakat, C., Pratt, I. (eds.) PAM 2004. LNCS, vol. 3015, pp. 205–214. Springer, Heidelberg (2004)
Morrison, D.R.: PATRICIA- - Practical Algorithm To Retrieve Infromation Coded in Alphanumeric. ACM Journal 15(4), 514–534 (1968)
Paredes-Oliva, I., Barlet-Ros, P., Solé-Pareta, J.: Portscan Detection with Sampled NetFlow. In: Papadopouli, M., Owezarski, P., Pras, A. (eds.) TMA 2009. LNCS, vol. 5537, pp. 26–33. Springer, Heidelberg (2009)
Schoelkopf, B., Smola, J.: Learning with kernels, ch. 1-3. MIT Press (2002)
Vapnik, V.: Statistical Learning Theory. Wiley (1998)
Wagner, C., François, J., State, R., Engel, T.: Machine Learning Approach for IP-Flow Record Anomaly Detection. In: Domingo-Pascual, J., Manzoni, P., Palazzo, S., Pont, A., Scoglio, C. (eds.) NETWORKING 2011, Part I. LNCS, vol. 6640, pp. 28–39. Springer, Heidelberg (2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 IFIP International Federation for Information Processing
About this paper
Cite this paper
Wagner, C., Engel, T. (2012). Detecting Anomalies in Netflow Record Time Series by Using a Kernel Function. In: Sadre, R., Novotný, J., Čeleda, P., Waldburger, M., Stiller, B. (eds) Dependable Networks and Services. AIMS 2012. Lecture Notes in Computer Science, vol 7279. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30633-4_16
Download citation
DOI: https://doi.org/10.1007/978-3-642-30633-4_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-30632-7
Online ISBN: 978-3-642-30633-4
eBook Packages: Computer ScienceComputer Science (R0)