Initiatives in Digital Technology: 2006–07 Funded Proposals

Zhi-Li Zhang, Vipin Kumar, Supratik Bhattacharyya, Feng Cao, Subhabrata Sen

Traffic Behavior Profiling and Anomaly Detection for Network Security Monitoring and Attack Detection

In this project we plan to develop a general behavior-based methodology to profile network traffic, to extract and analyze common communication patterns and structures over time and space, and to characterize and distinguish between “normal” and “anomalous” behaviors. The goal is not only (i) to automatically discover significant behaviors of interest from massive traffic data, but also (ii) to provide a plausible interpretation of these behaviors to aid network operators and security analysts in understanding and quickly identifying anomalous events of significance. Using this methodology, we will develop techniques and tools for network security monitoring and attack detection. We believe that our techniques will help protect critical services and critical network infrastructures. Novel and stealthy attacks, as well as botnets, could potentially be detected more effectively by deploying our techniques in various networking environments. We have been collaborating with researchers from AT&T Research, Cisco and Sprint Advanced Technology Labs on research problems related to this project. Additional future funding as well as student internships are expected.