Low-Rate, Flow-Level Periodicity Detection. Bartlett, G., Heidemann, J., & Papadopoulos, C. In Proceedings of the 14th IEEE Global Internet Symposium, pages 804–809, Shanghai, China, April, 2011. IEEE.

As desktops and servers become more complicated, they employ an increasing amount of automatic, non-user initiated communication. Such communication can be good (OS updates, RSS feed readers, and mail polling), bad (keyloggers, spyware, and botnet command-and-control), or ugly (adware or unauthorized peer-to-peer applications). Communication in these applications is often regular, but with very long periods, ranging from minutes to hours. This infrequent communication and the complexity of today's systems makes these applications difficult for users to detect and diagnose. In this paper we present a new approach to identify low-rate periodic network traffic and changes in such regular communication. We employ signal-processing techniques, using discrete wavelets implemented as a fully decomposed, iterated filter bank. This approach not only detects low-rate periodicities, but also identifies approximate times when traffic changed. We implement a self-surveillance application that externally identifies changes to a user's machine, such as interruption of periodic software updates, or an installation of a keylogger.

@InProceedings{Bartlett11a,
author = "Genevieve Bartlett and John Heidemann and Christos Papadopoulos",
title = "Low-Rate, Flow-Level Periodicity Detection",
booktitle = "Proceedings of the " # "14th" # " IEEE Global Internet Symposium",
year = 2011,
sortdate = "2011-04-01",
pages = "804--809",
address = "Shanghai, China",
month = apr,
publisher = "IEEE",
jlocation = "johnh: pafile",
myorganization = "USC/Information Sciences Institute",
copyrightholder = "IEEE",
copyrightterms = " Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. ",
keywords = "low-rate periodic detection, wavelet, traffic",
project = "ant, lacrend, lander",
jsubject = "spectral_network",
jlocation = "johnh: pafile",
url = "https://ant.isi.edu/%7ejohnh/PAPERS/Bartlett11a.html",
pdfurl = "https://ant.isi.edu/%7ejohnh/PAPERS/Bartlett11a.pdf",
doi = "http://dx.doi.org/10.1109/INFCOMW.2011.5928922",
abstract = "
As desktops and servers become more complicated, they employ an
increasing amount of automatic, non-user initiated communication. Such
communication can be good (OS updates, RSS feed readers, and mail
polling), bad (keyloggers, spyware, and botnet command-and-control),
or ugly (adware or unauthorized peer-to-peer
applications). Communication in these applications is often regular,
but with very long periods, ranging from minutes to hours. This
infrequent communication and the complexity of today's systems makes
these applications difficult for users to detect and diagnose. In this
paper we present a new approach to identify low-rate periodic network
traffic and changes in such regular communication. We employ
signal-processing techniques, using discrete wavelets implemented as a
fully decomposed, iterated filter bank. This approach not only detects
low-rate periodicities, but also identifies approximate times when
traffic changed. We implement a self-surveillance application that
externally identifies changes to a user's machine, such as
interruption of periodic software updates, or an installation of a
keylogger.
"
}