Name
Abstract | ||
|---|---|---|
Profiling is emerging as a useful tool for a variety of diagnosis and security applications. Existing profiles are often narrowly focused in terms of the data they capture or the application they target. In this paper, we seek to design general end-host profiles capable of capturing and representing a broad range of user activity and behavior. We first present a novel methodology to profiling that uses a graph-based structure to represent and distill flow level information at the transport layer. Second, we develop mechanisms to: (a) summarize the information, and (b) adaptively evolve it over time.We conduct an initial study of our profiles on real user data, and observe that our method generates a compact, robust and intuitive description of user behavior. |
Year | Venue | Keywords |
|---|---|---|
2007 | PAM | novel methodology,graph-based structure,user behavior,distill flow level information,user activity,broad range,general end-host profile,end host,intuitive description,initial study,real user data,transport layer |
Field | DocType | Volume |
Anomaly detection,Graph,Data mining,Port (computer networking),Computer science,Profiling (computer programming),Transport layer,Intrusion detection system | Conference | 4427 |
ISSN | Citations | PageRank |
0302-9743 | 40 | 2.36 |
References | Authors | |
8 | 4 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Thomas Karagiannis | 1 | 3241 | 184.18 |
| Konstantina Papagiannaki | 2 | 4094 | 304.11 |
| Nina Taft | 3 | 2109 | 154.92 |
| Michalis Faloutsos | 4 | 5288 | 586.88 |