Overview
...
| Wiki Markup |
|---|
In this project we study and investigate network anomaly detection algorithms \[1\] \[2\] \[3\] for Internet Paths. We also develop a _Decision Theoretic Approach_ based on our observations about the characteristics of the performance measurements statistics obtained from the [IEPM-BW] project. |
To study and compare the algorithms we use the data sets collected by IEPM-BW starting November 2006 up till March 2008 (approximately 12,000 hours). The Internet paths observed were the links between Stanford Linear Accelerator Center (SLAC) and the following sites:
- San Diego Supercomputing Center (SDSC) USA,
- Oak Ridge National Laboratory (ORNL) USA,
- European Organization for Nuclear Research (CERN) Geneva, Switzerland,
- Forschungszentrum Karlsruhe (FZK) Germany,
- Deutsches Elektronen- Synchrotron (DESY) Germany and
- University of Toronto (UTORONTO) Canada.
Data Sets
The data sets used in the study may be downloaded from the links listed below. Latest performance statistics may be accessed from here.
| Raw data | Labeled data |
|---|---|---|
SDSC | download | download |
ORNL | download | download |
CERN | download | download |
FZK | download | download |
DESY | download | download |
UTORONTO | download | download |
References
- C. Logg, L. Cottrell, and J. Navratil. Experiences in traceroute and available bandwidth change analysis. In NetT '04: Proceedings of the ACM SIGCOMM workshop on Network troubleshooting, pages 247-252. ACM, 2004.
- A. Soule, K. Salamatian, and N. Taft. Combining filtering and statistical methods for anomaly detection. In Internet Measurement Conference (IMC 2005), pages 331-344. USENIX, 2005.
- H. Hajji. Statistical analysis of network traffic for adaptive faults detection. In IEEE Transactions on Neural Networks, pages 1053-1063, 2005.