A Baseline Numeric Analysis of Network Telescope Data for Network Incident Discovery
This paper investigates the value of Network Telescope data as a mechanism for network incident discovery by considering data summarization, simple heuristic identification and deviations from previously observed traffic distributions. It is important to note that the traffic observed is obtained from a Network Telescope and thus does not experience the same fluctuations or vagaries as normal traffic. The datasets used for this analysis were obtained from a Network Telescope at Rhodes University, which had been allocated a Class-C network address block, and cover the period August 2005 to September 2009. The nature of the datasets was considered in terms of simple statistical measures obtained through data summarization, which greatly reduced the processing and observation required to determine whether an incident had occurred.