See this document in CiteSeerX!

Characteristics of Network Traffic Flow Anomalies (2001)  (Make Corrections)  (17 citations)
Paul Barford, David Plonka



  Home/Search   Context   Related

Links:   ACM   DBLP

 
View or download:
aciri.org/vern/imw2001/imw2...47.ps.gz
wisc.edu/~pb/pbdp_imw_01.ps
Cached:  PS.gz  PS  PDF   Image  Update  Help

From:  aciri.org/vern/imw2001...program (more)
(Enter author homepages)

Rate this article: (best)
  Comment on this article  
(Enter summary)

Abstract: INTRODUCTION One of the primary tasks of network administrators is monitoring routers and switches for anomalous traffic behavior such as outages, configuration changes, flash crowds and abuse. Recognizing and identifying anomalous behavior is often based on ad hoc methods developed from years of experience in managing networks. A variety of commercial and open source tools have been developed to assist in this process, however these require policies and/or or thresholds to be defined by the... (Update)

Cited by:   More
A Visualization Tool For Situational Awareness Of Tactical.. - Security Events On   (Correct)
NetFlow: Information loss or win? - Robin Sommer And   (Correct)
Online Identification of Hierarchical Heavy Hitters: .. - Zhang, Singh, Sen..   (Correct)

Active bibliography (related documents):   More   All
0.8:   A Signal Analysis of Network Traffic Anomalies - Barford, Kline, Plonka, Ron (2002)   (Correct)
0.4:   Sketch-based Change Detection: Methods, Evaluation, and.. - Subhabrata   (Correct)
0.3:   An Empirical Analysis of Target-Resident DoS Filters.. - Collins, Reiter (2004)   (Correct)

Similar documents based on text:   More   All
0.4:   Controlling High Bandwidth Aggregates in the Network - Mahajan, Bellovin, Floyd.. (2001)   (Correct)
0.4:   NetFlow: Information Loss or Win? - Sommer, Feldmann (2002)   (Correct)
0.4:   Controlling High Bandwidth Aggregates in the.. - Mahajan.. (2001)   (Correct)

Related documents from co-citation:   More   All
10:   Fault detection in an ethernet network using anomaly signature matching (context) - Feather, Slewlorek et al. - 1993
8:   A signal analysis of network traffic anomalies - Barford, Kline et al. - 2002
8:   Forecasting and Control (context) - GP, GM et al. - 1970

BibTeX entry:   (Update)

P. Barford and D. Plonka. Characteristics of Network Traffic Flow Anomalies. In Proceedings of the ACM SIGCOMM Internet Measurement Workshop, Nov. 2001. http://citeseer.ist.psu.edu/barford01characteristics.html   More

@misc{ barford01characteristics,
  author = "P. Barford and D. Plonka",
  title = "Characteristics of Network Traffic Flow Anomalies",
  text = "P. Barford and D. Plonka. Characteristics of Network Traffic Flow Anomalies.
    In Proceedings of the ACM SIGCOMM Internet Measurement Workshop, Nov. 2001.",
  year = "2001",
  url = "citeseer.ist.psu.edu/barford01characteristics.html" }
Citations (may not include all citations):
610   Wide-area traffic: The failure of poisson modeling - Paxson, Floyd - 1995  DBLP
454   Selfsimilarity through high-variability: Statistical analysi.. - Willinger, Taqqu et al. - 1997
192   Measurements and Analysis of End-to-End Internet Dynamics - Paxson - 1997  ACM
123   Bro: A system for detecting network intruders in real-time - Paxson - 1999
104   Wavelet analysis of long range dependent traffic - Abry, Veitch - 1998
25   A neural network approach towards intrusion detection (context) - Fox, Henning et al. - 1990
24   Measurements of wide-area Internet traffic - Caceres - 1989
24   Internet Traffic Characterization - Claffy - 1994  ACM
21   Proactive network fault detection - Hood, Ji - 1997  ACM   DBLP
19   Aberrant behavior detection in time series for network monit.. (context) - Brutlag - 2000
16   Fault detection in an ethernet network using anomaly signatu.. (context) - Feather, Siewiorek et al. - 2000  ACM   DBLP
14   A markov chain model of temporal behavior for anomaly detect.. - Ye - 2000
12   Flowscan: A network traffic flow reporting and visualization.. (context) - Plonka - 2000
10   Inferring internet denialof -service activity (context) - Moore, Voelker et al.
8   Internet traffic flow profiling (context) - Claffy, Polyzos et al. - 1989
6   Supporting intrusion detection by graph clustering and graph.. (context) - Toelle, Niggemann
5   Controlling high bandwidth aggregates in the network (context) - Manajan, Bellovin et al. - 2001  ACM
1   Schemes for fault identificaiton in communicaitons networks (context) - Katzela, Schwartz - 1995
http://www.cisco.com/wrap/public/732/netflow



The graph only includes citing articles where the year of publication is known.

Documents on the same site (http://www.aciri.org/vern/imw-2001/program.html):   More
Measurement Study of Low-bitrate Internet Video Streaming - Loguinov, Radha (2001)   (Correct)
DNS Performance and the Effectiveness of Caching - Jung, Sit, Balakrishnan, Morris (2001)   (Correct)
An Empirical Study of RealVideo Performance across . . . - Wang, Claypool, al. (2001)   (Correct)

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC