Statistical methods for network surveillance
Abstract
The term network surveillance is defined in general terms and illustrated with many examples. Statistical methodologies that can be used as tools for network surveillance are discussed. Details for 3 illustrative examples that address network security, surveillance for data network failures, and surveillance of email traffic flows are presented. Some open areas of research are identified.
- Authors:
- Jeske, Daniel R.; Stevens, Nathaniel T.; Tartakovsky, Alexander G.; Wilson, James D.
- Department of Statistics, University of California, Riverside, CA, USA
- Department of Mathematics and Statistics, University of San Francisco, San Francisco, CA, USA
- Moscow Institute of Physics and Technology, Moscow, Russia; AGT StatConsult, Los Angeles, CA, USA
- Publication Date:
- 2018-04-17
- Sponsoring Org.:
- USDOE
- OSTI Identifier:
- 1433427
- Resource Type:
- Publisher's Accepted Manuscript
- Journal Name:
- Applied Stochastic Models in Business and Industry
- Additional Journal Information:
- Journal Name: Applied Stochastic Models in Business and Industry; Journal Volume: 34; Journal Issue: 4; Journal ID: ISSN 1524-1904
- Publisher:
- Wiley Blackwell (John Wiley & Sons)
- Country of Publication:
- United Kingdom
- Language:
- English
Citation Formats
Jeske, Daniel R., Stevens, Nathaniel T., Tartakovsky, Alexander G., and Wilson, James D. Statistical methods for network surveillance. United Kingdom: N. p., 2018. Web. doi:10.1002/asmb.2326.
@article{osti_1433427,
title = {Statistical methods for network surveillance},
author = {Jeske, Daniel R. and Stevens, Nathaniel T. and Tartakovsky, Alexander G. and Wilson, James D.},
abstractNote = {The term network surveillance is defined in general terms and illustrated with many examples. Statistical methodologies that can be used as tools for network surveillance are discussed. Details for 3 illustrative examples that address network security, surveillance for data network failures, and surveillance of email traffic flows are presented. Some open areas of research are identified.},
doi = {10.1002/asmb.2326},
journal = {Applied Stochastic Models in Business and Industry},
number = 4,
volume = 34,
place = {United Kingdom},
year = {2018},
month = apr
}
Free Publicly Available Full Text
Publisher's Version of Record
https://doi.org/10.1002/asmb.2326
Cited by: 22 works
Citation information provided by
Web of Science