MineNet Workshop Technical Program

9:00 - 10:00: Keynote Presentation

Title: The Changing Internet Ecology: Confronting Security and Operational Challenges by Mining Network Data (slides)

Speaker: Farnam Jahanian, University of Michigan and Arbor Networks

Abstract: The Internet is increasingly susceptible to a broad spectrum of security threats and operational challenges such as distributed denial of service attacks, zero-day worms, phishing scams, and route hijacking. These threats occur at a time when the Internet continues to evolve with increasingly diverse topology, policies and applications. In order to ensure the continued security and availability of the Internet, there is a pressing need for instrumentation, measurement, correlation and mining of disparate data sources to aid in identifying, characterizing and mitigating these challenges. This presentation discusses the changing Internet ecology and the increasing complex challenges confronting enterprise and service provider networks. The talk explores the range of host- and network-based data sets available to practitioners and researchers, and highlights representative case studies of how data mining techniques can be highly effective for network management and security operations.

Speaker Bio: Farnam Jahanian is Professor of EECS at the University of Michigan and co-founder of Arbor Networks, Inc. Prior to joining academia, he was at the IBM T.J. Watson Research Center. His interests include network security, and network protocols and architectures. The author of over 80 published research papers, Farnam has served on dozens of government and industry panels. Farnam holds a master's degree and a Ph.D. in Computer Science from the University of Texas at Austin.

10:00 - 10:30: Break

10:30 - 12:30: Security and network problem determination
(Session chair: Mark Crovella, Boston University)

  • Detecting Mass-Mailing Worm Infected Hosts by Mining DNS Traffic Data (20 minutes) (pdf)
    Keisuke Ishibashi, NTT Cooperation
    Tsuyoshi Toyono, NTT Cooperation
    Katsuyasu Toyama, NTT Cooperation
    Masahiro Ishino, NTT Communications Cooperation
    Haruhiko Ohshima, NTT Communications Cooperation
    Ichiro Mizukoshi, NTT Communications Cooperation

  • Detecting Malicious Network Traffic using Inverse Distributions of Packet Contents (20 minutes) (pdf)
    Vijay Karamcheti, New York University
    Davi Geiger, New York University
    Zvi Kedem, New York University
    S. Muthukrishnan, Rutges University

  • Greynets: A Definition and Evaluation of Sparsely Populated Darknets (15 minutes) (pdf)
    Warren Harrop, Swinburne University of Technology, Australia
    Grenville Armitage, Swinburne University of Technology, Australia

  • Shrink: A Tool for Failure Diagnosis in IP Networks (20 minutes) (pdf)
    Srikanth Kandula, Massachusetts Institute of Technology
    Dina Katabi, Massachusetts Institute of Technology
    Jean Philippe Vasseur, Cisco Systems

  • Topographical Proximity for Mining Network Alarm Data (20 minutes) (pdf)
    Ann Devitt, Ericsson R&D, Ireland
    Joseph Duffin, Ericsson R&D, Ireland
    Robert Moloney, Ericsson R&D, Ireland

  • Discussion (20 minutes)

12:30 - 1:30: Lunch Break

1:30 - 3:15: Traffic Analysis and Infrastructure monitoring
(Session chair: Cristian Estan, Univ. Wisconsin-Madison)

  • Experiences with a Continuous Network Tracing Infrastructure (20 minutes) (pdf)
    Alefiya Hussain, USC/Information Sciences Institute, Sparta Inc.
    Genevieve Bartlett, USC/Information Sciences Institute
    Yuri Pryadkin, USC/Information Sciences Institute
    John Heidemann, USC/Information Sciences Institute
    Christos Papadopoulos, USC/Information Sciences Institute
    Joseph Bannister, USC/Information Sciences Institute

  • Manifold Learning Visualization of Network Traffic Data (20 minutes) (pdf)
    Neal Patwari, University of Michigan
    Alfred O. Hero, University of Michigan
    Adam Pacholski, University of Michigan

  • ACAS: Automated Construction of Application Signatures (20 minutes) (pdf)
    Patrick Haffner, AT&T Labs-Research
    Subhabrata Sen, AT&T Labs-Research
    Oliver Spatscheck, AT&T Labs-Research
    Dongmei Wang, AT&T Labs-Research

  • Anemone: using end-systems as a rich network management platform (15 minutes) (pdf)
    Richard Mortier, Microsoft Research Cambridge, UK
    Rebecca Isaacs, Microsoft Research Cambridge, UK
    Paul Barham, Microsoft Research Cambridge, UK

  • Fast and Accurate Traffic Matrix Measurement Using Adaptive Cardinality Counting (15 minutes) (pdf)
    Min Cai, University of Southern California
    Jianping Pan, NTT MCL
    Yu-Kwong Kwok, University of Southern California
    Kai Hwang, University of Southern California

  • Discussion (20 minutes)

3:15 - 3:45: Break

3:45 - 5:30: Routing & configuration management
(Session chair: Lixin Gao, Univ. Massachusetts at Amherst)

  • A First Step to Understand Inter Domain Routing Dynamics (20 minutes) (pdf)
    Kuai Xu, University of Minnesota
    Jaideep Chandrashekar, University of Minnesota
    Zhi-Li Zhang, University of Minnesota

  • Identifying BGP Routing Table Transfer (20 minutes) (pdf)
    Beichuan Zhang, University of Arizona
    Vamsi Kambhampati, Colorado State University
    Mohit Lad, University of California, Los Angeles
    Daniel Massey, Colorado State University
    Lixia Zhang, University of California, Los Angeles

  • Learning-Based Anomaly Detection in BGP Updates (15 minutes) (pdf)
    Jian Zhang, Yale University
    Jennifer Rexford, Princeton University
    Joan Feigenbaum, Yale University

  • Bayesian Detection of Router Configuration Anomalies (15 minutes) (pdf)
    Khalid El-Arini, Carnegie Mellon University
    Kevin Killourhy, Carnegie Mellon University

  • Role of machine learning in configuration management of ad hoc wireless networks (15 minutes) (pdf)
    Sung-eok Jeon, Georgia Institute of Technology
    Chuanyi Ji, Georgia Institute of Technology

  • Discussion (20 minutes)

  Valid XHTML 1.0! Valid CSS!