Paper: Graph Based Statistical Analysis of Network Traffic

Published by a group from Los Alamos National Lab (Hristo Djidjev, Gary Sandine, Curtis Storlie, Scott Vander Wiel):

We propose a method for analyzing traffic data in large computer networks such as big enterprise networks or the Internet. Our approach combines graph theoretical representation of the data and graph analysis with novel statistical methods for discovering pattern and timerelated anomalies. We model the traffic as a graph and use temporal characteristics of the data in order to decompose it into subgraphs corresponding to individual sessions, whose characteristics are then analyzed using statistical methods. The goal of that analysis is to discover patterns in the network traffic data that might indicate intrusion activity or other malicious behavior.

The embedded PDF and download link after the break.

While Hadoop excels at handling large amounts of data, it is not optimized for graph processing. Google’s Pregel and recently released GoldenOrb were created to tackle the large scale graph processing problems—see how GoldenOrb compares to Google Pregel and the major differences between Pregel and MapReduce.

Download the PDF from here.

Original title and link: Paper: Graph Based Statistical Analysis of Network Traffic (NoSQL database©myNoSQL)