Sciweavers

SIGCOMM
2010
ACM

Automating root-cause analysis of network anomalies using frequent itemset mining

14 years 15 days ago
Automating root-cause analysis of network anomalies using frequent itemset mining
Finding the root-cause of a network security anomaly is essential for network operators. In our recent work [1, 5], we introduced a generic technique that uses frequent itemset mining to automatically extract and summarize the traffic flows causing an anomaly. Our evaluation using two different anomaly detectors (including a commercial one) showed that our approach works surprisingly well extracting the anomalous flows in most studied cases using sampled and unsampled NetFlow traces from two networks. In this demonstration, we will showcase an open-source anomaly-extraction system based on our technique, which we integrated with a commercial anomaly detector and use in the NOC of the G
Ignasi Paredes-Oliva, Xenofontas A. Dimitropoulos,
Added 06 Dec 2010
Updated 06 Dec 2010
Type Conference
Year 2010
Where SIGCOMM
Authors Ignasi Paredes-Oliva, Xenofontas A. Dimitropoulos, Maurizio Molina, Pere Barlet-Ros, Daniela Brauckhoff
Comments (0)