Sifting Through Network Data to Cull Activity Patterns With HEAPs

Download Now Date Added: Mar 2010
Format: PDF

Today's large campus and enterprise networks are characterized by their complexity, i.e. containing thousands of hosts, and diversity, i.e. with various applications and usage patterns. To effectively manage and secure such networks, network operators and system administrators are faced with the challenge of characterizing, profiling and tracking activity patterns passing through their networks. Because of the large number of IP addresses and the prevalence of dynamic IP addresses, profiling and tracking individual hosts may not be effective nor scalable. In this paper, the authors develop a Hierarchical Extraction of Activity Patterns (HEAPs), which is a method for characterizing and profiling activity patterns within subnets.