FlowSummary: Summarizing Network Flows for Communication Periodicity Detection

  • Neminath Hubballi
  • Deepanshu Goyal
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8251)

Abstract

Data summarization is an important technique for understanding large datasets and discovering useful patterns. In this paper we formulate the problem of summarizing network flow data to discover periodic communication behavior. We describe an efficient implementation method for discovering periodic patterns; it has successfully discovered such patterns in a simulated and a real application.

Keywords

Anomaly Detection; Intrusion Detection System; Network Intrusion Detection System; Data Summarization; Periodic Communication

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Neminath Hubballi (1)
  • Deepanshu Goyal (1)
  1. Department of Computer Science & Engineering, Indian Institute of Technology Guwahati, India
