2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS) 2011
DOI: 10.1109/infcomw.2011.5928922
|View full text |Cite
|
Sign up to set email alerts
|

Low-rate, flow-level periodicity detection

Abstract: Abstract-As desktops and servers become more complicated, they employ an increasing amount of automatic, non-user initiated communication. Such communication can be good (OS updates, RSS feed readers, and mail polling), bad (keyloggers, spyware, and botnet command-and-control), or ugly (adware or unauthorized peer-to-peer applications). Communication in these applications is often regular, but with very long periods, ranging from minutes to hours. This infrequent communication and the complexity of today's sys… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

0
12
0
1

Year Published

2013
2013
2020
2020

Publication Types

Select...
5
2
2

Relationship

0
9

Authors

Journals

citations
Cited by 16 publications
(13 citation statements)
references
References 13 publications
0
12
0
1
Order By: Relevance
“…Barford P. et al [84] 4 Local variance shift using wavelets >100 DoS Magnaghi A. et al [89] 4 Locality principle measure TCP-DoS Bartlett G. et al [85] 2 Iterated filtering Low-rate Carl G. et al [86] 3 Change points in the CUSUM DoS Hamdi M. et al [87] 5 Lipschitz singularities DoS Lu W. et al [88] 15 ARX model DoS Dainotti A. et al [91] CUSUM & Adaptive Threshold DoS Li L. et al [92] 5 Energy distribution variation DDoS flood Chen Y. et al [70] 5 Gaussian distribution, DFT RoQ P*: Number of Parameters…”
Section: Table 2 Comparison Of Spectral Anomaly Detection Techniquesmentioning
confidence: 99%
“…Barford P. et al [84] 4 Local variance shift using wavelets >100 DoS Magnaghi A. et al [89] 4 Locality principle measure TCP-DoS Bartlett G. et al [85] 2 Iterated filtering Low-rate Carl G. et al [86] 3 Change points in the CUSUM DoS Hamdi M. et al [87] 5 Lipschitz singularities DoS Lu W. et al [88] 15 ARX model DoS Dainotti A. et al [91] CUSUM & Adaptive Threshold DoS Li L. et al [92] 5 Energy distribution variation DDoS flood Chen Y. et al [70] 5 Gaussian distribution, DFT RoQ P*: Number of Parameters…”
Section: Table 2 Comparison Of Spectral Anomaly Detection Techniquesmentioning
confidence: 99%
“…In this case, lexical or keywords features might be compromised. Bartlett et al [17] proposed an approach to identify low-rate periodic network traffic and changes in regular communication of autoware. Their research also focuses on many types of autoware and monitor TCP flows to detect, but, in this paper, the target does not just focus only on detecting general types of autoware but also on particular URLs where autoware request to.…”
Section: Related Workmentioning
confidence: 99%
“…Spectral techniques have also been employed to identify bottleneck links [9] and routing information. G. Bartlett et al in [14] look at periodicity between flows to identify hosts which maintain regular contact while considering low frequency behavior under long observation windows and use iterated filtering for full decomposition. Carl et al in [10] applied wavelets transform for detecting change-points in the Cumulative SUM (CUSUM) statistic.…”
Section: Related Workmentioning
confidence: 99%