FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W89567444> ?p ?o ?g. }

• W89567444 abstract "In this thesis, we address three major issues in analyzing network tra c using statistical signal processing methods: Network tra c control and data planes: We decompose enterprise LAN TCP tra c into control and data planes. We use the control plane tra c as a surrogate for the whole combined tra c when analyzing network tra c. We show that the two tra c groups have similar behavior through visual plots and multivariate statistical analysis. Since the control plane tra c has less volume, reducing the analysis to it contributes to higher e ciency and scalability. We compare the two tra c groups using the cross-correlation function and show that dissimilarity between them is an indication of abnormal behavior. We also study the Long-Range Dependence (LRD) behavior of the two groups based on the tra c’’s direction and nd that this allows us to focus on smaller segments of the tra c. Detect periodic behavior in network tra c: We develop an e cient, robust, multivariate approach method to detect periodic behavior in network tra c. The method is based on evaluating the periodogram of several count-feature sequences of a tra c trace and testing the signicance of the peak of each periodogram. Botnet command and control (C2) communication channels tra c: In many botnet variants, bots periodically exchange code and updates. We detect bots by detecting the periodic behavior of their C2 tra c. We use SLINGbot to implement two variants of botnets, TinyP2P and IRC, and show that the C2 tra c of both exhibits periodic behavior. This is true whether we apply the test to the whole or to the control tra c alone. We add background and random noise tra c to C2 tra c to test the performance of the method. We nd that address count sequences are more robust to background tra c since the number of hosts that a given host communicates with during a certain time window is relatively small, hence its e ect on the address count is small. We show that the method’’s performance increases with the increase of the duty cycle and/or the length of the observed tra c, and decreases with the decrease of the period length. Finally, we compare the periodic behavior of C2 tra c to the periodic behavior of E-mail tra c and explain that they can be easily distinguished because E-mail communication tra c uses well known port numbers." @default.
• W89567444 created "2016-06-24" @default.
• W89567444 creator A5030234358 @default.
• W89567444 date "2009-01-01" @default.
• W89567444 modified "2023-09-27" @default.
• W89567444 title "Network traffic analysis through statistical signal processing methods" @default.
• W89567444 cites W1484821102 @default.
• W89567444 cites W1584270973 @default.
• W89567444 cites W1766888123 @default.
• W89567444 cites W1988918299 @default.
• W89567444 cites W2021149973 @default.
• W89567444 cites W203307355 @default.
• W89567444 cites W2050334073 @default.
• W89567444 cites W2061310904 @default.
• W89567444 cites W2076988644 @default.
• W89567444 cites W2102616700 @default.
• W89567444 cites W2105818147 @default.
• W89567444 cites W2109224931 @default.
• W89567444 cites W2112135709 @default.
• W89567444 cites W2112746910 @default.
• W89567444 cites W2114042257 @default.
• W89567444 cites W2114250523 @default.
• W89567444 cites W2120256168 @default.
• W89567444 cites W2122196204 @default.
• W89567444 cites W2122308929 @default.
• W89567444 cites W2130984574 @default.
• W89567444 cites W2140971281 @default.
• W89567444 cites W2142709479 @default.
• W89567444 cites W2147215426 @default.
• W89567444 cites W2148275477 @default.
• W89567444 cites W2149018841 @default.
• W89567444 cites W2151934475 @default.
• W89567444 cites W2156896296 @default.
• W89567444 cites W2163899311 @default.
• W89567444 cites W2168996020 @default.
• W89567444 cites W2316706700 @default.
• W89567444 cites W3149441194 @default.
• W89567444 hasPublicationYear "2009" @default.
• W89567444 type Work @default.
• W89567444 sameAs 89567444 @default.
• W89567444 citedByCount "0" @default.
• W89567444 crossrefType "journal-article" @default.
• W89567444 hasAuthorship W89567444A5030234358 @default.
• W89567444 hasConcept C110875604 @default.
• W89567444 hasConcept C124101348 @default.
• W89567444 hasConcept C136764020 @default.
• W89567444 hasConcept C153180895 @default.
• W89567444 hasConcept C154945302 @default.
• W89567444 hasConcept C22735295 @default.
• W89567444 hasConcept C41008148 @default.
• W89567444 hasConcept C48044578 @default.
• W89567444 hasConcept C506615639 @default.
• W89567444 hasConcept C76155785 @default.
• W89567444 hasConcept C77088390 @default.
• W89567444 hasConceptScore W89567444C110875604 @default.
• W89567444 hasConceptScore W89567444C124101348 @default.
• W89567444 hasConceptScore W89567444C136764020 @default.
• W89567444 hasConceptScore W89567444C153180895 @default.
• W89567444 hasConceptScore W89567444C154945302 @default.
• W89567444 hasConceptScore W89567444C22735295 @default.
• W89567444 hasConceptScore W89567444C41008148 @default.
• W89567444 hasConceptScore W89567444C48044578 @default.
• W89567444 hasConceptScore W89567444C506615639 @default.
• W89567444 hasConceptScore W89567444C76155785 @default.
• W89567444 hasConceptScore W89567444C77088390 @default.
• W89567444 hasLocation W895674441 @default.
• W89567444 hasOpenAccess W89567444 @default.
• W89567444 hasPrimaryLocation W895674441 @default.
• W89567444 isParatext "false" @default.
• W89567444 isRetracted "false" @default.
• W89567444 magId "89567444" @default.
• W89567444 workType "article" @default.