Combining visual and automated data mining for near-real-time anomaly detection and analysis in BGP

Soon Tee Teoh, Ke Zhang, Shih Ming Tseng, Kwan-Liu Ma, S. Felix Wu

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

40 Scopus citations

Abstract

The security of Internet routing is a major concern because attacks and errors can result in data packets not reaching their intended destination and/or falling into the wrong hands. A key step in improving routing security is to analyze and understand it. In the past, we and other researchers have presented various visual-based, statistical-based, and signature-based methods of analyzing Internet routing data. In this paper, we describe an integration of visual and automated data mining methods for discovering and investigating anomalies in Internet routing. We show how these different components are combined in such a way as to complement each other, creating a very effective and useful analysis tool. In addition to performing analysis on archived data, our system is able to collect, process and visualize data in near-real-time.

Original language: English (US)
Title of host publication: VizSEC/DMSEC '04
Subtitle of host publication: Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security
Pages: 35-44
Number of pages: 10
State: Published - Dec 1 2004
Event: VizSEC/DMSEC '04: Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security - Washington, DC, United States
Duration: Oct 29 2004 to Oct 29 2004

Other

Other: VizSEC/DMSEC '04: Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security
Country: United States
City: Washington, DC
Period: 10/29/04 to 10/29/04

Keywords

  • Information visualization
  • Internet routing
  • Network visualization

ASJC Scopus subject areas

  • Engineering (all)

Cite this

Teoh, S. T., Zhang, K., Tseng, S. M., Ma, K-L., & Wu, S. F. (2004). Combining visual and automated data mining for near-real-time anomaly detection and analysis in BGP. In VizSEC/DMSEC '04: Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security (pp. 35-44).