Clustering and monitoring edge behaviour in enterprise network traffic

File: IEEE_Schon_Adams_Evangelou.pdf
Description: File embargoed until 01 January 10000
Size: 766.3 kB
Format: Adobe PDF
Title: Clustering and monitoring edge behaviour in enterprise network traffic
Authors: Schon, C
Adams, NM
Evangelou, M
Item Type: Conference Paper
Abstract: This paper takes an unsupervised learning approach to monitoring edge activity within an enterprise computer network. Using NetFlow records, features are gathered across the active connections (edges) in 15-minute time windows. Then, edges are grouped into clusters using the k-means algorithm. This process is repeated over contiguous windows. A series of informative indicators is derived by examining the relationship of edges with the observed cluster structure. This leads to an intuitive method for monitoring network behaviour and a temporal description of edge behaviour at global and local levels.
Issue Date: 22-Jul-2017
Date of Acceptance: 28-May-2017
Publisher: IEEE
Journal / Book Title: IEEE Intelligence and Security Informatics
Copyright Statement: This paper is embargoed until publication.
Conference Name: IEEE International Conference on Intelligence and Security Informatics
Publication Status: Accepted
Start Date: 2017-07-22
Finish Date: 2017-07-24
Conference Place: Beijing, China
Embargo Date: publication subject to indefinite embargo
Appears in Collections: Mathematics
Faculty of Medicine
Faculty of Natural Sciences
Epidemiology, Public Health and Primary Care
