Share on Facebook Tweet on Twitter Share on LinkedIn Share by email
Profiling the End Host

Thomas Karagiannis, Konstantina Papagiannaki, Nina Taft, and Michalis Faloutsos

Abstract

Profiling is emerging as a useful tool for a variety of diagnosis and security applications. Existing profiles are often narrowly focused in terms of the data they capture or the application they target. In this paper, we seek to design general end-host profiles capable of capturing and representing a broad range of user activity and behavior. We first present a novel methodology to profiling that uses a graph-based structure to represent and distill flow level information at the transport layer. Second, we develop mechanisms to: (a) summarize the information, and (b) adaptively evolve it over time.We conduct an initial study of our profiles on real user data, and observe that our method generates a compact, robust and intuitive description of user behavior.

Details

Publication typeInproceedings
Published inPAM
Pages186-196
PublisherSpringer-Verlag
> Publications > Profiling the End Host