Title :
Large Scale Activity Monitoring for distributed honeynets
Author :
François, Jerome ; State, Radu ; Festor, Olivier
Author_Institution :
INRIA-LORIA, Nancy
Abstract :
This paper proposes a new distributed monitoring approach based on the notion of centrality of a graph and its evolution in time. We consider an activity profiling method for a distributed monitoring platform and illustrate its usage in two different target deployments. The first one concerns the monitoring of a distributed honeynet, whilst the second deployment target is the monitoring of a large network telecope. The central concept underlying our work are the intersection graphs and a centrality based locality statistics. These graphs have not been used widely in the field of network security. The advantage of this method is that analyzing aggregated activity data is possible by considering the curve of the maximum locality statistics and that important change point moments are well identified.
Keywords :
computer networks; data analysis; graph theory; monitoring; statistical analysis; telecommunication security; aggregated activity data analysis; centrality based locality statistics; distributed honeynets; intersection graphs; large network telecope; large scale activity monitoring; network security; Aggregates; Backscatter; Data analysis; Data security; Internet; Large-scale systems; Monitoring; Statistical analysis; Statistical distributions; Symmetric matrices;
Conference_Titel :
Internet Monitoring and Protection, 2007. ICIMP 2007. Second International Conference on
Conference_Location :
San Jose, CA
Print_ISBN :
0-7695-2911-9
Electronic_ISBN :
0-7695-2911-9
DOI :
10.1109/ICIMP.2007.24
