Uncovering Relations Between Traffic Classifiers and Anomaly Detectors via Graph Theory

Romain Fontugne 1, 2 Pierre Borgnat 3 Patrice Abry 3 Kensuke Fukuda 2
1 The Graduate University for Advanced Studies
2 NII - National Institute of Informatics
3 Phys-ENS - Laboratoire de Physique de l'ENS Lyon
Abstract : Network trac classification and anomaly detection have received much attention in the last few years. However, due to the the lack of common ground truth, proposed methods are evaluated through di- verse processes that are usually neither comparable nor reproducible. Our final goal is to provide a common dataset with associated ground truth resulting from the cross-validation of various algorithms. This paper deals with one of the substantial issues faced in achieving this ambitious goal: relating outputs from various algorithms. We propose a general methodology based on graph theory that relates outputs from diverse algorithms by taking into account all reported information. We validate our method by comparing results of two anomaly detectors which report traffic at different granularities. The proposed method succesfully identified simi- larities between the outputs of the two anomaly detectors although they report distinct features of the traffic.
Keywords : Internet Traffic Classification Anomaly Detection Benchmarking Graph Community Detection
Document type :
Conference papers
Complete list of metadatas

Cited literature [20 references]  Display  Hide  Download
https://hal-ens-lyon.archives-ouvertes.fr/ensl-00476021
Contributor : Pierre Borgnat <>
Submitted on : Friday, April 23, 2010 - 2:40:12 PM
Last modification on : Tuesday, November 19, 2019 - 2:43:59 AM
Long-term archiving on : Monday, October 22, 2012 - 3:22:27 PM

File

fontugne_tma2010.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : ensl-00476021, version 1

Collections

CNRS | ENS-LYON | UNIV-LYON1 | UDL

Citation

Romain Fontugne, Pierre Borgnat, Patrice Abry, Kensuke Fukuda. Uncovering Relations Between Traffic Classifiers and Anomaly Detectors via Graph Theory. COST-TMA (Traffic Measurement & Analysis) Workshop 2010, Apr 2010, Zurich, Switzerland. pp.101-114. ⟨ensl-00476021⟩

Export

BibTeX TEI DC DCterms EndNote

Share

Metrics

Record views

456

Files downloads

529

Contact

CCSD