Monitoring communication networks and their tra c is of essential importance for estimating the risk in the Internet, and therefore designing suited protection systems for computer networks. Network and tra c analysis can be done thanks to measurement devices or honeypots. However, analyzing the huge amount of gathered data, and characterizing the anomalies and attacks contained in these traces remain complex and time consuming tasks, done by network and security experts using poorly automatized tools, and are consequently slow and costly. In this paper, we present an unsupervised algorithm -called UNADA for Unsupervised Network Anomaly Detection Algorithm -for identification and characterization of security related anomalies and attacks occurring in honeypots. This automatized method does not need any attack signature database, learning phase, or labeled tra c. This corresponds to a major step towards autonomous security systems. This paper also shows how it is possible from anomalies characterization results to infer filtering rules that could serve for automatically configuring network routers, switches or firewalls. The performances of UNADA in terms of attacks identification accuracy are evaluated using honeypot tra c traces gathered on the honeypot network of the University of Maryland. The time latency for producing such accurate results are also presented, especially showing how the parallelization capabilities of the algorithm help reducing this latency.