Bayesian topic models for describing computer network behaviors

Author

Cramer, Christopher ; Carin, Lawrence

Author_Institution

Signal Innovations Group, Inc., Durham, NC, USA

fYear

2011

fDate

22-27 May 2011

Firstpage

1888

Lastpage

1891

Abstract

We consider the use of Bayesian topic models in the analysis of computer network traffic. Our approach utilizes latent Dirichlet allocation and time-varying dynamic latent Dirichlet allocation, with the goal of identifying significant co-occurrences of types of network traffic, these forming topics of user behavior. In our experiments, these topics of user behavior included: (i) web traffic, (ii) email client and instant messaging, (iii) Microsoft file access, (iv) email server, and (v) other miscellaneous traffic. Each identified behavior topic included a variety of different, but related, protocols without using any a priori knowledge of the purpose of the protocol. We believe that the techniques presented in this paper can be used to form more complex topics through the use of deep packet inspection, and that such topic models could prove useful in the identification of zero-day exploits or other network threats.

Keywords

Bayes methods; Internet; client-server systems; computer network performance evaluation; computer network security; protocols; telecommunication traffic; Bayesian topic model; Microsoft file access; Web traffic; computer network behavior description; computer network traffic; deep packet inspection; email client; email server; instant messaging; protocols; time-varying dynamic latent Dirichlet allocation; user behavior; Bayesian methods; Indexes; Neodymium; Bayesian statistics; intrusion detection; network analysis; topic models;

fLanguage

English

Publisher

ieee

Conference_Titel

Acoustics, Speech and Signal Processing (ICASSP), 2011 IEEE International Conference on

Conference_Location

Prague

ISSN

1520-6149

Print_ISBN

978-1-4577-0538-0

Electronic_ISBN

1520-6149

Type

conf

DOI

10.1109/ICASSP.2011.5946875

Filename

5946875