Paper Info
Title
Exploiting dynamicity in graph-based traffic analysis: techniques and applications
Abstract
Network traffic can be represented by a Traffic Dispersion Graph (TDG) that contains an edge between two nodes that send a particular type of traffic (e.g., DNS) to one another. TDGs have recently been proposed as an alternative way to interpret and visualize network traffic. Previous studies have focused on static properties of TDGs using graph snapshots in isolation. In this work, we represent network traffic with a series of related graph instances that change over time. This representation facilitates the analysis of the dynamic nature of network traffic, providing additional descriptive power. For example, DNS and P2P graph instances can appear similar when compared in isolation, but the way the DNS and P2P TDGs change over time differs significantly. To quantify the changes over time, we introduce a series of novel metrics that capture changes both in the graph structure (e.g., the average degree) and the participants (i.e., IP addresses) of a TDG. We apply our new methodologies to improve graph-based traffic classification and to detect changes in the profile of legacy applications (e.g., e-mail).
Year
DOI
Venue
2009
10.1145/1658939.1658967
CoNEXT
Keywords
Field
DocType
graph structure,ip address,graph-based traffic classification,exploiting dynamicity,network traffic,capture change,p2p tdgs change,p2p graph instance,related graph instance,traffic dispersion graph,graph snapshot,graph-based traffic analysis,p2p,traffic classification,network monitoring
Traffic classification,Traffic generation model,Traffic analysis,Computer science,Computer network,Network monitoring,Snapshot (computer storage),Network traffic control,Network traffic simulation,Legacy system,Distributed computing
Conference
Citations 
PageRank 
References 
17
0.89
30
Authors
3
Name
Order
Citations
PageRank
Marios Iliofotou147618.49
Michalis Faloutsos25288586.88
Michael Mitzenmacher37386730.89