Echidna: Efficient Clustering of Hierarchical Data for Network Traffic Analysis

  • Abdun Naser Mahmood
  • Christopher Leckie
  • Parampalli Udaya
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3976)


There is significant interest in the network management community about the need to improve existing techniques for clustering multi-variate network traffic flow records so that we can quickly infer underlying traffic patterns. In this paper we investigate the use of clustering techniques to identify interesting traffic patterns in an efficient manner. We develop a framework to deal with mixed type attributes including numerical, categorical and hierarchical attributes for a one-pass hierarchical clustering algorithm. We demonstrate the improved accuracy and efficiency of our approach in comparison to previous work on clustering network traffic.


Leaf Node Traffic Flow Network Traffic Categorical Attribute Cluster Feature 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
  2. 2.
    Estan, C., Savage, S., Varghese, G.: Automatically Inferring Patterns of Resource Consumption in Network Traffic problem. In: Proceedings of SIGCOMM 2003 (2003)Google Scholar
  3. 3.
    Zhang, T., Ramakrishnan, R., Livny, M.: Birch: an efficient data clustering method for very large databases. In: Proceedings of the 1996 ACM SIGMOD International Conference on Management of Data, pp. 103–114 (1996)Google Scholar
  4. 4.
  5. 5.
    Medina, A., Salamatian, K., Taft, N., Matta, I., Diot, C.: A Two-step Statistical Approach for Inferring Network Traffic Demands (Revises Technical Report BUCS-TR-2003-003)Google Scholar
  6. 6.
    Lakhina, A., Papagiannaki, K., Crovella, M., Diot, C., Kolaczyk, E., Taft, N.: Structural analysis of network traffic flows. In: Proceedings of ACM SIGMETRICS (June 2004)Google Scholar
  7. 7.
    Lakhina, A., Crovella, M., Diot, C.: Characterization of Network-Wide Anomalies in Traffic Flows. Technical Report BUCS-2004-020, Boston University (2004)Google Scholar
  8. 8.
    Lan, K., Heidemann, J.: On the correlation of Internet flow characteristics. Technical Report ISI-TR-574, USC/Information Sciences Institute (July 2003)Google Scholar
  9. 9.
    Claffy, K.C., Pluyzos, G.C., Braun, H.W.: Applications of Sampling Methodologies to Network Traffic Characterization. In: Proceeding of ACM SIGCOMM (1993)Google Scholar
  10. 10.
    Mahmood, A., Leckie, C., Udaya, P.: Echidna: Efficient Clustering of Hierarchical Data for Network Analysis,

Copyright information

© IFIP International Federation for Information Processing 2006

Authors and Affiliations

  • Abdun Naser Mahmood
    • 1
  • Christopher Leckie
    • 1
  • Parampalli Udaya
    • 1
  1. 1.Department of Computer Science and Software EngineeringUniversity of MelbourneAustralia

Personalised recommendations