Computing and Information Systems - Research Publications

    Summarizing Significant Changes in Network Traffic Using Contrast Pattern Mining
    Chavary, EA ; Erfani, SM ; Leckie, C (Association for Computing Machinery, 2017)
    Extracting knowledge from the massive volumes of network traffic is an important challenge in network and security management. In particular, network managers require concise reports about significant changes in their network traffic. While most existing techniques focus on summarizing a single traffic dataset, the problem of finding significant differences between multiple datasets is an open challenge. In this paper, we focus on finding important differences between network traffic datasets, and preparing a summarized and interpretable report for security managers. We propose the use of contrast pattern mining, which finds patterns whose support differs significantly from one dataset to another. We show that contrast patterns are highly effective at extracting meaningful changes in traffic data. We also propose several evaluation metrics that reflect the interpretability of patterns for security managers. Our experimental results show that with the proposed unsupervised approach, the vast majority of extracted patterns are pure, i.e., most changes are either attack traffic or normal traffic, but not a mixture of both.