Mining Unclassified Traffic Using Automatic Clustering Techniques

Item Type: Proceeding
MIUR type: Proceedings > Proceedings
Title: Mining Unclassified Traffic Using Automatic Clustering Techniques
Authors string: Alessandro Finamore, Marco Mellia, Michela Meo
University authors:
Page Range: pp. 150-163
Journal or Publication Title: LECTURE NOTES IN COMPUTER SCIENCE
Referee type: Scientific committee
Publisher: Springer
ISBN: 9783642203046
ISSN: 0302-9743
Volume: 6613
Event Title: Traffic Monitoring and Analysis
Event Location: Vienna
Event Dates: 27/4/2011
Abstract: In this paper we present a fully unsupervised algorithm to identify classes of traffic inside an aggregate. The algorithm leverages on the K-means clustering algorithm, augmented with a mechanism to automatically determine the number of traffic clusters. The signatures used for clustering are statistical representations of the application layer protocols. The proposed technique is extensively tested considering UDP traffic traces collected from operative networks. Performance tests show that it can clusterize the traffic in few tens of pure clusters, achieving an accuracy above 95%. Results are promising and suggest that the proposed approach might effectively be used for automatic traffic monitoring, e.g., to identify the birth of new applications and protocols, or the presence of anomalous or unexpected traffic
Date: 2011
Status: Published
Language of publication: English
Uncontrolled Keywords: data mining, internet traffic monitoring
Departments (original): DELEN - Electronics
Departments: DET - Department of Electronics and Telecommunications
Related URLs:
Subjects: Area 09 - Ingegneria industriale e dell'informazione > TELECOMUNICAZIONI
Date Deposited: 25 Feb 2012 23:02
Last Modified: 21 Feb 2014 01:05
Id Number (DOI): 10.1007/978-3-642-20305-3_13
Permalink: http://porto.polito.it/id/eprint/2495549
Linksolver URL: Linksolver link
Citations:

This field presents the citations number present on Scopus and Web of Science databases e links to the remote records. Also Google Scholar link is present.

There may be discrepancies with respect to the data in databases for the following reasons:

  • Differences from fields (title, year,...) in UGOV and those in the databases.
  • PORTO citations are extracted monthly. The db is in real time
  • The WoS citation number reflect the collections subscribed by Politecnico (Science citation index Expanded and Conference Proceedings Citation Index)

For informations contact scrivia/porto

+
-

Documents

[img] PDF (paper) - Postprint
Document access: Not visible (accessible only to the record owner)
Licence: Not public - Private access / Restricted.

Download (264Kb) | Send a request to the author for a copy of the paper
[img] PDF (paper2) - Preprint
Document access: Not visible (accessible only to the record owner)
Licence: Not public - Private access / Restricted.

Download (208Kb) | Send a request to the author for a copy of the paper

Actions (login required)

View Item View Item