Taxonomy study investigates backbone network traffic's security anomalies
Potential threats of network anomalies on the Internet have led to a constant effort by the research community to design reliable detection methods.
A new academic paper from the recent NECOMA (Nippon-European Cyberdefense-Oriented Multilayer threat Analysis, @NECOMAPROJECT) conference, entitled "A Taxonomy of Anomalies in Backbone Network Traffic", starts from the premise that the potential threat of network anomalies on the Internet has led to a constant effort by the research community to design reliable detection methods.
"Detection is not enough, however, because network administrators need additional information on the nature of events occurring in a network," state the paper's authors.
"We thus present a new taxonomy of network anomalies with wide coverage of existing work. We also provide a set of signatures that assign taxonomy labels to events," continues the researchers' abstract. "We present a preliminary study applying this taxonomy with six years of real network traffic from the MAWI repository. We classify previously documented anomalous events and draw two main conclusions."
Johan Mazel, Romain Fontugne, Kensuke Fukuda. A Taxonomy of Anomalies in Backbone Network Traffic. In Proceedings of the International Workshop on Traffic Analysis and Characterization (TRAC 2014). Nicosia, Cyprus. August, 2014.