The Time-Varying Dependency Patterns of NetFlow Statistics

Gibberd, A. and Evangelou, M. and Nelson, J. D. B. (2016) The Time-Varying Dependency Patterns of NetFlow Statistics. In: 2016 IEEE 16th International Conference on Data Mining Workshops (ICDMW) :. 2016 IEEE 16th International Conference on Data Mining Workshops (ICDMW) . IEEE, pp. 288-294. ISBN 9781509059119

[thumbnail of dependency_netflow]
Preview
PDF (dependency_netflow)
dependency_netflow.pdf - Accepted Version
Available under License Creative Commons Attribution-NonCommercial.

Download (481kB)

Abstract

We investigate where and how key dependency structure between measures of network activity change throughout the course of daily activity. Our approach to data-mining is probabilistic in nature, we formulate the identification of dependency patterns as a regularised statistical estimation problem. The resulting model can be interpreted as a set of time-varying graphs and provides a useful visual interpretation of network activity. We believe this is the first application of dynamic graphical modelling to network traffic of this kind. Investigations are performed on 9 days of real-world network traffic across a subset of IP's. We demonstrate that dependency between features may change across time and discuss how these change at an intra and inter-day level. Such variation in feature dependency may have important consequences for the design and implementation of probabilistic intrusion detection systems.

Item Type:
Contribution in Book/Report/Proceedings
Additional Information:
©2016 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
ID Code:
128567
Deposited By:
Deposited On:
06 Nov 2018 15:16
Refereed?:
Yes
Published?:
Published
Last Modified:
18 Dec 2023 02:21