A modular multi-location anonymized traffic monitoring tool for a WiFi network
Authors: 
Justin Hummel, Andrew McDonald, Vatsal Shah, Riju Singh, Bradford D. Boyle, Tingshan Huang, Nagarajan Kandasamy, Harish Sethu, 
Steven WeberAuthors Info & Claims
Justin Hummel, Andrew McDonald, Vatsal Shah, Riju Singh, Bradford D. Boyle, Tingshan Huang, Nagarajan Kandasamy, Harish Sethu, Steven WeberAuthors Info & ClaimsPages 135 - 138
Abstract
Network traffic anomaly detection is now considered a surer approach to early detection of malware than signature-based approaches and is best accomplished with traffic data collected from multiple locations. Existing open-source tools are primarily signature-based, or do not facilitate integration of traffic data from multiple locations for real-time analysis, or are insufficiently modular for incorporation of newly proposed approaches to anomaly detection. In this paper, we describe DataMap, a new modular open-source tool for the collection and real-time analysis of sampled, anonymized, and filtered traffic data from multiple WiFi locations in a network and an example of its use in anomaly detection.
Supplementary Material
The attached zip archive contains a PDF version of the poster to be presented at CODASPY 2014.
- Download
- 1.00 MB
References
[1]
D. Brauckhoff, K. Salamatian, and M. May. Applying PCA for traffic anomaly detection: Problems and solutions. In Proc. IEEE INFOCOM, 2009.
[2]
DataMap. https://github.com/DataMap13/DataMap/. Accessed: August 8, 2013.
[3]
J. Fan, J. Xu, M. H. Ammar, and S. B. Moon. Prefix-preserving IP address anonymization: measurement-based security evaluation and a new cryptography-based scheme. Computer Networks, 46(2):253--272, 2004.
[4]
A. Kind, M. P. Stoecklin, and X. Dimitropoulos. Histogram-based traffic anomaly detection. IEEE Trans. Netw. Service Manag., 6:110--121, June 2009.
[5]
A. Lakhina, M. Crovella, and C. Diot. Mining anomalies using traffic feature distributions. In Proc. ACM SIGCOMM, 2005.
[6]
P. Li, M. Salour, and X. Su. A survey of Internet worm detection and containment. IEEE Communications Surveys and Tutorials, 10:20--35, 2008.
[7]
D. Moore, C. Shannon, G. M. Voelker, and S. Savage. Internet quarantine: Requirements for containing self-propagating code. In Proc. IEEE INFOCOM, pages 1901--1910, 2003.
[8]
OpenWIPS-ng. http://www.openwips-ng.org/. Accessed: August 8, 2013.
[9]
N. Perlroth. Out-maneuvered at their own game, antivirus makers struggle to adapt. The New York Times, December 31, 2012.
[10]
Security Onion. https://code.google.com/p/security-onion/. Accessed: August 8, 2013.
[11]
Snort. http://www.snort.org/. Accessed: August 8, 2013.
[12]
Vermont (VERsatile MONitoring Toolkit). https://github.com/constcast/vermont/wiki. Accessed: August 8, 2013.
[13]
C.-H. Wu and J. D. Irwin. Introduction to Computer Networks and Cybersecurity. CRC Press, 2013.
Index Terms
- A modular multi-location anonymized traffic monitoring tool for a WiFi network
Recommendations
HTMTAD: A Model to Detect Anomalies of CDN Traffic Based on Improved HTM Network
Neural Information ProcessingAbstractThere will always be malicious intrusion, node downtime and other events caused by network traffic anomalies while Content Delivery Network (CDN) is facing user’s service. These events will lead in a large area of network paralysis and suspension ...
A Network Traffic Anomaly Detection Method Based on Shapelet and KNN
Artificial Intelligence Security and PrivacyAbstractNetwork traffic anomaly detection is the foundation for discovering malicious attacks and securing network security. With the emergence of new technologies such as port masquerading and traffic encryption, traditional traffic anomaly detection ...
Black Hole Traffic Anomaly Detections in Wireless Sensor Network
With the flourish of Internet of Things, the security issues in wireless sensor network WSN, especially traffic anomaly detections, have attracted researchers' attentions. As a distributed wireless network, WSN is vulnerable to many attacks. In this ...
Comments
Information & Contributors
Information
Published In
March 2014
368 pages
ISBN:9781450322782
DOI:10.1145/2557547
- General Chairs:
- Elisa Bertino,
- Ravi Sandhu,
- Program Chair:
- Jaehong Park
Copyright © 2014 Owner/Author.
Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 03 March 2014
Check for updates
Author Tags
Qualifiers
- Poster
Conference
CODASPY'14
Sponsor:
CODASPY'14: Fourth ACM Conference on Data and Application Security and Privacy
March 3 - 5, 2014
Texas, San Antonio, USA
Acceptance Rates
CODASPY '14 Paper Acceptance Rate 19 of 119 submissions, 16%;
Overall Acceptance Rate 149 of 789 submissions, 19%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 147Total Downloads
- Downloads (Last 12 months)5
- Downloads (Last 6 weeks)0
Reflects downloads up to 12 Jan 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in