Share on Facebook Tweet on Twitter Share on LinkedIn Share by email
Profiling the End Host

Thomas Karagiannis, Konstantina Papagiannaki, Nina Taft, and Michalis Faloutsos


Profiling is emerging as a useful tool for a variety of diagnosis and security applications. Existing profiles are often narrowly focused in terms of the data they capture or the application they target. In this paper, we seek to design general end-host profiles capable of capturing and representing a broad range of user activity and behavior. We first present a novel methodology to profiling that uses a graph-based structure to represent and distill flow level information at the transport layer. Second, we develop mechanisms to: (a) summarize the information, and (b) adaptively evolve it over time.We conduct an initial study of our profiles on real user data, and observe that our method generates a compact, robust and intuitive description of user behavior.


Publication typeInproceedings
Published inPAM
> Publications > Profiling the End Host