Detection of Interdomain Routing Anomalies Based on Higher-Order Path Analysis

Hong Kong December 18-December 22

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ICDM.2006.52

Sixth IEEE International Conference o ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Murat Can Ganiz Articles by Sudhan Kanitkar Articles by Mooi Choo Chuah Articles by William M. Pottenger

	ASCII Text	x
	Murat Can Ganiz, Sudhan Kanitkar, Mooi Choo Chuah, William M. Pottenger, "Detection of Interdomain Routing Anomalies Based on Higher-Order Path Analysis," Data Mining, IEEE International Conference on, pp. 874-879, Sixth IEEE International Conference on Data Mining (ICDM'06), 2006.

	BibTex	x
	@article{ 10.1109/ICDM.2006.52, author = {Murat Can Ganiz and Sudhan Kanitkar and Mooi Choo Chuah and William M. Pottenger}, title = {Detection of Interdomain Routing Anomalies Based on Higher-Order Path Analysis}, journal ={Data Mining, IEEE International Conference on}, volume = {0}, year = {2006}, issn = {1550-4786}, pages = {874-879}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICDM.2006.52}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Data Mining, IEEE International Conference on TI - Detection of Interdomain Routing Anomalies Based on Higher-Order Path Analysis SN - 1550-4786 SP874 EP879 A1 - Murat Can Ganiz, A1 - Sudhan Kanitkar, A1 - Mooi Choo Chuah, A1 - William M. Pottenger, PY - 2006 KW - null VL - 0 JA - Data Mining, IEEE International Conference on ER -

Murat Can Ganiz, Lehigh University, USA

Sudhan Kanitkar, Lehigh University, USA

Mooi Choo Chuah, Lehigh University, USA

William M. Pottenger, Rutgers University, USA

Anomalous interdomain Border Gateway Protocol (BGP) events including misconfigurations, attacks and large-scale power failures often affect the global routing infrastructure. Thus, the ability to detect and categorize such events is extremely useful. In this article we present a novel anomaly detection technique for BGP that distinguishes between different anomalies in BGP traffic. This technique is termed Higher Order Path Analysis (HOPA) and focuses on the discovery of patterns in higher order paths in supervised learning datasets. Our results demonstrate that not only worm events but also different types of worms as well as blackout events are cleanly separable and can be classified in real time based on our incremental approach. This novel approach to supervised learning has potential applications in cybersecurity/forensics and text/data mining in general.

Citation:

Murat Can Ganiz, Sudhan Kanitkar, Mooi Choo Chuah, William M. Pottenger, "Detection of Interdomain Routing Anomalies Based on Higher-Order Path Analysis," icdm, pp.874-879, Sixth IEEE International Conference on Data Mining (ICDM'06), 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.