Rule-Based Anomaly Detection on IP Flows

Publisher: AT&T Intellectual Property
Format: 180.6KB PDF
Date added: 20 Jan 2009
Topics: Artificial Intelligence, IP Technologies, Software Engineering

Rule-based packet classification is a powerful method for identifying traffic anomalies, with network security as a key application area. While popular systems like Snort are used in many network locations, comprehensive deployment across Tier-1 service provider networks is costly due to the need for high-speed monitors at many network ingress points. This paper exploits correlations between packet-level and flow-level information via a Machine Learning (ML) approach to associate packet-level alarms with a feature vector derived from flow records on the same traffic. The authors describe a system architecture for network-wide flow-alarming and the steps required to establish a proof-of-concept. They evaluate the prediction accuracy of candidate ML algorithms on actual packet traces.
