YMTIS Workshop Geneva Introduction to XNA Marios Karagiannis
Exploring Graph-based Network Traffic Analysisalumni.cs.ucr.edu/~marios/Papers/poster.pdfTraffic...
Transcript of Exploring Graph-based Network Traffic Analysisalumni.cs.ucr.edu/~marios/Papers/poster.pdfTraffic...
Exploring Graph-based Network Traffic Analysis
Marios Iliofotou, H. Kim, M. Faloutsos, M. Mitzenmacher, P. Pappu, and G. Varghese
Department of Computer Science and Engineering - University of California, Riverside
Traffic Analysis Using Traffic Dispersion Graphs (TDGs)
� What is this poster about1. How to generate and model TDGs2. Practical applications of TDGs
� Graph formation (toy example)
Example of a P2P TDG:Gnutella- One large connected component
- High average degree
[Trace from: Palo Alto Internet Exchange.]
Example of a Client-Server TDG: HTTP- Large number of small components
- Graph is less dense
compared to P2P TDGs[Trace from: Palo Alto Internet Exchange.]
Graph Classification- Small set of metrics can
Graption: Graph-based Traffic Classification
� Edge Selection• Using well-known ports and payload • Using machine learning classification and clustering methods
- Small set of metrics can distinguish between application classes
- Scatter plot shows that fixed
threshold can classify TDGsacross multiple backbone locations (4 traces)
75
80
85
90
95
100
Precision Recall
Graption
BLINC
50556065707580859095
100
Precision Recall
� About Graption• Classifies network flows using network-wide interactions
• Case study: Use Graptionto detect P2P Traffic
• Graption can automate the extraction of application profile
• Performs better than host-based methodsat the backbone
The Graption MethodologyGraption over varioussystem configurations
Per application classificationperformance
Cla
ssif
icati
on
Perfo
rm
ance (
%)
Cla
ssif
icati
on P
erfo
rm
ance (
%)
F-M
easure (%
)
Number of Clusters