ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Network monitoring using traffic dispersion graphs (tdgs)
Full text PdfPdf (1.21 MB)
Source
Internet Measurement Conference archive
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement table of contents
San Diego, California, USA
SESSION: Measurements II table of contents
Pages: 315 - 320  
Year of Publication: 2007
ISBN:978-1-59593-908-1
Authors
Marios Iliofotou  University of California: Riverside, Riverside, CA
Prashanth Pappu  Rinera Networks, San Mateo, CA
Michalis Faloutsos  University of California: Riverside, Riverside, CA
Michael Mitzenmacher  Harvard University, Boston, MA
Sumeet Singh  Cisco Systems: Inc., San Jose, CA
George Varghese  University of California: San Diego, San Diego, CA
Sponsors
SIGCOMM: ACM Special Interest Group on Data Communication
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 13,   Downloads (12 Months): 131,   Citation Count: 4
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1298306.1298349
What is a DOI?

ABSTRACT

Monitoring network traffic and detecting unwanted applications has become a challenging problem, since many applications obfuscate their traffic using unregistered port numbers or payload encryption. Apart from some notable exceptions, most traffic monitoring tools use two types of approaches: (a) keeping traffic statistics such as packet sizes and interarrivals, flow counts, byte volumes, etc., or (b) analyzing packet content. In this paper, we propose the use of Traffic Dispersion Graphs (TDGs) as a way to monitor, analyze, and visualize network traffic. TDGs model the social behavior of hosts ("who talks to whom"), where the edges can be defined to represent different interactions (e.g. the exchange of a certain number or type of packets). With the introduction of TDGs, we are able to harness a wealth of tools and graph modeling techniques from a diverse set of disciplines.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
W. Aiello, C. Kalmanek, P. McDaniel, S. Sen, O. Spatscheck, and J. Merwe. Analysis of Communities of Interest in Data Networks. In Passive and Active Measurement Conference (PAM), 2005.
 
2
S. Cheung et al. The Design of GrIDS: A Graph-Based Intrusion Detection System. UCD TR-CSE-99-2, 1999.
 
3
Mark Crovella , Balachander Krishnamurthy, Internet Measurement: Infrastructure, Traffic and Applications, John Wiley & Sons, Inc., New York, NY, 2006
 
4
D. Ellis, J. Aiken, A. McLeod, and D. Keppler. Graph-based Worm Detection on Operational Enterprise Networks. Technical Report MITRE Corporation, 2006.
5
Patrick Haffner , Subhabrata Sen , Oliver Spatscheck , Dongmei Wang, ACAS: automated construction of application signatures, Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data, August 26-26, 2005, Philadelphia, Pennsylvania, USA  [doi>10.1145/1080173.1080183]
6
Thomas Karagiannis , Konstantina Papagiannaki , Michalis Faloutsos, BLINC: multilevel traffic classification in the dark, Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications, August 22-26, 2005, Philadelphia, Pennsylvania, USA
7
Justin Ma , Kirill Levchenko , Christian Kreibich , Stefan Savage , Geoffrey M. Voelker, Unexpected means of protocol inference, Proceedings of the 6th ACM SIGCOMM conference on Internet measurement, October 25-27, 2006, Rio de Janeriro, Brazil  [doi>10.1145/1177080.1177123]
8
Priya Mahadevan , Dmitri Krioukov , Kevin Fall , Amin Vahdat, Systematic topology analysis and generation using degree correlations, Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications, September 11-15, 2006, Pisa, Italy
9
Andrew W. Moore , Denis Zuev, Internet traffic classification using bayesian analysis techniques, Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems, June 06-10, 2005, Banff, Alberta, Canada
 
10
Mark Newman , Albert-Laszlo Barabasi , Duncan J. Watts, The Structure and Dynamics of Networks: (Princeton Studies in Complexity), Princeton University Press, Princeton, NJ, 2006
 
11
Godfrey Tan , Massimiliano Poletto , John Guttag , Frans Kaashoek, Role classification of hosts within enterprise networks based on connection patterns, Proceedings of the annual conference on USENIX Annual Technical Conference, p.2-2, June 09-14, 2003, San Antonio, Texas
12
Kuai Xu , Zhi-Li Zhang , Supratik Bhattacharyya, Profiling internet backbone traffic: behavior models and applications, Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications, August 22-26, 2005, Philadelphia, Pennsylvania, USA
13
Haifeng Yu , Michael Kaminsky , Phillip B. Gibbons , Abraham Flaxman, SybilGuard: defending against sybil attacks via social networks, Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications, September 11-15, 2006, Pisa, Italy

CITED BY  4
Saket Navlakha , Rajeev Rastogi , Nisheeth Shrivastava, Graph summarization with bounded error, Proceedings of the 2008 ACM SIGMOD international conference on Management of data, June 09-12, 2008, Vancouver, Canada
Hyunchul Kim , KC Claffy , Marina Fomenkov , Dhiman Barman , Michalis Faloutsos , KiYoung Lee, Internet traffic classification demystified: myths, caveats, and the best practices, Proceedings of the 2008 ACM CoNEXT Conference, p.1-12, December 09-12, 2008, Madrid, Spain
Ruben D. Torres , Mohammad Y. Hajjat , Sanjay G. Rao , Marco Mellia , Maurizio M. Munafo, Inferring undesirable behavior from P2P traffic analysis, Proceedings of the eleventh international joint conference on Measurement and modeling of computer systems, June 15-19, 2009, Seattle, WA, USA
Yu Jin , Esam Sharafuddin , Zhi-Li Zhang, Unveiling core network-wide communication patterns through application traffic activity graph decomposition, Proceedings of the eleventh international joint conference on Measurement and modeling of computer systems, June 15-19, 2009, Seattle, WA, USA

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.3 Network Operations
          Subjects: Network monitoring

Additional Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.5 Local and Wide-Area Networks
          Subjects: Internet (e.g., TCP/IP)


General Terms:
Experimentation, Measurement, Security


Keywords:
behavioral approach, hosts' connection graphs, network monitoring, network traffic visualization

Collaborative Colleagues:
Marios Iliofotou: colleagues
Prashanth Pappu: colleagues
Michalis Faloutsos: colleagues
Michael Mitzenmacher: colleagues
Sumeet Singh: colleagues
George Varghese: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player