Learn More
Enterprise networks are increasingly offloading the responsibility for worm detection and containment to the carrier networks. However, current approaches to the zero-day worm detection problem such as those based on content similarity of packet payloads are not scalable to the carrier link speeds (OC-48 and up-wards). In this paper, we introduce a new(More)
Inconsistency or Anomaly extraction refers to the automatically finding a large set of flows observed during an anomalous time interval, the flows associated with anomalous events. It is valuable for root causes analysis, network forensics, anomaly modeling, and attack mitigation. In this paper, histogram based detectors are used which provide a meta-data(More)
  • 1