An Evaluation of Trading Bands as Indicators for Network Telescope Datasets
Large-scale viral outbreaks such as Conficker, the Code Red worm and the Witty worm illustrate the importance of monitoring malevolent activity on the Internet. Careful monitoring of anomalous traffic allows organizations to react appropriately and in a timely fashion to minimize economic damage. Network telescopes, a type of Internet monitor, provide analysts with a way of decoupling anomalous traffic from legitimate traffic. Data from network telescopes is used by analysts to identify potential incidents by comparing recent trends with historical data. Analysis of network telescope datasets is complicated by the large quantity of data present, the number of subdivisions within the data and the uncertainty associated with received traffic.