Bgp dataset generation and feature extraction for anomaly detection
The Border Gateway Protocol (BGP) is the default Internet routing protocol that manages
connectivity among Autonomous Systems (ASes). Although BGP disruptions are rare, when …
connectivity among Autonomous Systems (ASes). Although BGP disruptions are rare, when …
Home-centric visualization of network traffic for security administration
Today's system administrators, burdened by rapidly increasing network activity, must quickly
perceive the security state of their networks, but they often have only text-based tools to work …
perceive the security state of their networks, but they often have only text-based tools to work …
Visual analysis of network traffic for resource planning, interactive monitoring, and interpretation of security threats
The Internet has become a wild place: malicious code is spread on personal computers
across the world, deploying botnets ready to attack the network infrastructure. The vast …
across the world, deploying botnets ready to attack the network infrastructure. The vast …
Portvis: a tool for port-based detection of security events
J McPherson, KL Ma, P Krystosk, T Bartoletti… - Proceedings of the …, 2004 - dl.acm.org
Most visualizations of security-related network data require large amounts of finely detailed,
high-dimensional data. However, in some cases, the data available can only be coarsely …
high-dimensional data. However, in some cases, the data available can only be coarsely …
VIAssist: Visual analytics for cyber defense
JR Goodall, M Sowul - 2009 IEEE conference on technologies …, 2009 - ieeexplore.ieee.org
Analysis of voluminous computer network data has become a common practice for cyber
defense, but few tools provide adequate support for cyber-infrastructure defenders' workflow …
defense, but few tools provide adequate support for cyber-infrastructure defenders' workflow …
An application of machine learning to network intrusion detection
C Sinclair, L Pierce, S Matzner - Proceedings 15th annual …, 1999 - ieeexplore.ieee.org
Differentiating anomalous network activity from normal network traffic is difficult and tedious.
A human analyst must search through vast amounts of data to find anomalous sequences of …
A human analyst must search through vast amounts of data to find anomalous sequences of …
[PDF][PDF] Correlation between netflow system and network views for intrusion detection
We present several ways to correlate security events from two applications that visualize the
same underlying data with two distinct views: system and network. Correlation of security …
same underlying data with two distinct views: system and network. Correlation of security …
[图书][B] Application of machine learning techniques to detecting anomalies in communication networks: Datasets and feature selection algorithms
Detecting, analyzing, and defending against cyber threats is an important topic in cyber
security. Applying machine learning techniques to detect such threats has received …
security. Applying machine learning techniques to detect such threats has received …
Feature selection for classification of BGP anomalies using Bayesian models
Traffic anomalies in communication networks greatly degrade network performance. Early
detection of such anomalies alleviates their effect on network performance. A number of …
detection of such anomalies alleviates their effect on network performance. A number of …
A visualization methodology for characterization of network scans
C Muelder, KL Ma, T Bartoletti - IEEE Workshop on …, 2005 - ieeexplore.ieee.org
Many methods have been developed for monitoring network traffic, both using visualization
and statistics. Most of these methods focus on the detection of suspicious or malicious …
and statistics. Most of these methods focus on the detection of suspicious or malicious …