Characterization of Periodic Network Traffic

Date
2017
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
This thesis focuses on characterizing periodic communications in network traffic, which we refer to as network heartbeats. Heartbeat traffic can be used to assess the overall health of an operational network, based on the presence/absence of heartbeats for known network services, and also to detect unexpected/undesired network services, such as malicious traffic. We use a simple and flexible SQL-based method to detect a wide range of heartbeats in network traffic, using seven weeks of connection logs from a campus edge network. Our results show that heartbeat analysis is effective for detecting P2P, gaming, cloud, scanning, and botnet traffic flows, which often have periodic signatures.
Description
Keywords
Computer Science
Citation
Haffey, M. (2017). Characterization of Periodic Network Traffic (Master's thesis, University of Calgary, Calgary, Canada). Retrieved from https://prism.ucalgary.ca. doi:10.11575/PRISM/25285