Tag Archives: Anomaly detection

new conference paper “Detecting Malicious Activity with DNS Backscatter”

The paper “Detecting Malicious Activity with DNS Backscatter” will appear at the ACM Internet Measurements Conference in October 2015 in Tokyo, Japan.  A copy is available at http://www.isi.edu/~johnh/PAPERS/Fukuda15a.pdf). From the abstract: Network-wide activity is when one computer (the originator) touches many … Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , , , , , , , | Leave a comment

new conference paper “Low-Rate, Flow-Level Periodicity Detection” at Global Internet 2011

The paper “Low-Rate, Flow-Level Periodicity Detection”, by Genevieve Bartlett, John Heidemann, and Christos Papadopoulos is being presented at IEEE Global Internet 2011 in Shanghai, China this week. The full text is available at http://www.isi.edu/~johnh/PAPERS/Bartlett11a.pdf. The abstract summarizes the work: As … Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , | Leave a comment

New journal paper “Parametric Methods for Anomaly Detection in Aggregate Traffic” to appear in TON

The paper “Parametric Methods for Anomaly Detection in Aggregate Traffic” was accepted for publication in ACM/IEEE Transactions on Networking (available at http://www.isi.edu/~johnh/PAPERS/Thatte10a.html). From the abstract: This paper develops parametric methods to detect network anomalies using only aggregate traffic statistics, in … Continue reading

Posted in Uncategorized | Tagged , , , , , , | Leave a comment

New conference paper “Improved Internet Traffic Analysis via Optimized Sampling”

The paper “Improved Internet Traffic Analysis via Optimized Sampling” (available at PDF Format) was accepted to ICASSP 2010. The focus of this paper is on the best down-sampling methods to use when measuring internet traffic in order preserve signal information … Continue reading

Posted in Uncategorized | Tagged , , , | Leave a comment

New tech report “Analysis of Internet Measurement Systems for Optimized Anomaly Detection System Design”

A new tech report has been posted to the Arxiv database at http://arxiv.org/abs/0907.5233. This paper shows the effect of a software based measurement system on the timing of the measurements obtained. Additionally this paper develops a period signal detection method … Continue reading

Posted in Uncategorized | Tagged , , , | Leave a comment

new tech report “Parametric Methods for Anomaly Detection in Aggregate Traffic”

We just posted a tech report “Parametric Methods for Anomaly Detection in Aggregate Traffic” at <ftp://ftp.isi.edu/isi-pubs/tr-663.pdf>. This paper represents quite a bit of work looking at how to apply parametric detection as part of the NSF-sponsored MADCAT project. From the … Continue reading

Posted in Uncategorized | Tagged , , | Leave a comment