IP Security & AV

Taxonomy study investigates backbone network traffic's security anomalies

Dec. 4, 2014

Potential threats of network anomalies on the Internet have led to a constant effort by the research community to design reliable detection methods.

Taxonomy paper investigates security anomalies in backbone network traffic

A new academic paper from the recent NECOMA [Nippon-European Cyberdefense-Oriented Multilayer threat Analysis @NECOMAPROJECT] conference, entitled A Taxonomy of Anomalies in Backbone Network Traffic, starts on the premise that the potential threat of network anomalies on the Internet has led to a constant effort by the research community to design reliable detection methods.

IEEE: Top 10 technology trends for 2015

Nationally recognized scientist to chair IEEE cybersecurity push

5 best practices to improve building management systems' cybersecurity

"Detection is not enough, however, because network administrators need additional information on the nature of events occurring in a network," state the paper's authors.

"We thus present a new taxonomy of network anomalies with wide coverage of existing work. We also provide a set of signatures that assign taxonomy labels to events," continues the researchers' abstract. "We present a preliminary study applying this taxonomy with six years of real network traffic from the MAWI repository. We classify previously documented anomalous events and draw to main conclusions."

Johan Mazel, Romain Fontugne, Kensuke Fukuda. A Taxonomy of Anomalies in Backbone Network Traffic. In Proceedings of the International Workshop on Traffic Analysis and Characterization (TRAC 2014). Nicosia, Cyprus. August, 2014.Download/View PDF (637.7 KB)