Uncovering Relations Between Traffic Classifiers and Anomaly Detectors via Graph Theory - Archive ouverte HAL Access content directly
Conference Papers Year : 2010

Uncovering Relations Between Traffic Classifiers and Anomaly Detectors via Graph Theory

(1, 2) , (3) , (3) , (2)
1
2
3

Abstract

Network trac classification and anomaly detection have received much attention in the last few years. However, due to the the lack of common ground truth, proposed methods are evaluated through di- verse processes that are usually neither comparable nor reproducible. Our final goal is to provide a common dataset with associated ground truth resulting from the cross-validation of various algorithms. This paper deals with one of the substantial issues faced in achieving this ambitious goal: relating outputs from various algorithms. We propose a general methodology based on graph theory that relates outputs from diverse algorithms by taking into account all reported information. We validate our method by comparing results of two anomaly detectors which report traffic at different granularities. The proposed method succesfully identified simi- larities between the outputs of the two anomaly detectors although they report distinct features of the traffic.
Fichier principal
Vignette du fichier
fontugne_tma2010.pdf (224.42 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

ensl-00476021 , version 1 (23-04-2010)

Identifiers

  • HAL Id : ensl-00476021 , version 1

Cite

Romain Fontugne, Pierre Borgnat, Patrice Abry, Kensuke Fukuda. Uncovering Relations Between Traffic Classifiers and Anomaly Detectors via Graph Theory. COST-TMA (Traffic Measurement & Analysis) Workshop 2010, Apr 2010, Zurich, Switzerland. pp.101-114. ⟨ensl-00476021⟩
313 View
711 Download

Share

Gmail Facebook Twitter LinkedIn More