Abstract | ||
---|---|---|
Network traffic can be represented by a Traffic Dispersion Graph (TDG) that contains an edge between two nodes that send a particular type of traffic (e.g., DNS) to one another. TDGs have recently been proposed as an alternative way to interpret and visualize network traffic. Previous studies have focused on static properties of TDGs using graph snapshots in isolation. In this work, we represent network traffic with a series of related graph instances that change over time. This representation facilitates the analysis of the dynamic nature of network traffic, providing additional descriptive power. For example, DNS and P2P graph instances can appear similar when compared in isolation, but the way the DNS and P2P TDGs change over time differs significantly. To quantify the changes over time, we introduce a series of novel metrics that capture changes both in the graph structure (e.g., the average degree) and the participants (i.e., IP addresses) of a TDG. We apply our new methodologies to improve graph-based traffic classification and to detect changes in the profile of legacy applications (e.g., e-mail). |
Year | DOI | Venue |
---|---|---|
2009 | 10.1145/1658939.1658967 | CoNEXT |
Keywords | Field | DocType |
graph structure,ip address,graph-based traffic classification,exploiting dynamicity,network traffic,capture change,p2p tdgs change,p2p graph instance,related graph instance,traffic dispersion graph,graph snapshot,graph-based traffic analysis,p2p,traffic classification,network monitoring | Traffic classification,Traffic generation model,Traffic analysis,Computer science,Computer network,Network monitoring,Snapshot (computer storage),Network traffic control,Network traffic simulation,Legacy system,Distributed computing | Conference |
Citations | PageRank | References |
17 | 0.89 | 30 |
Authors | ||
3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Marios Iliofotou | 1 | 476 | 18.49 |
Michalis Faloutsos | 2 | 5288 | 586.88 |
Michael Mitzenmacher | 3 | 7386 | 730.89 |