Abstract
Network anomaly detection systems can be used to identify anomalous transfers or threats, which, when undetected, can trigger large-scale malicious events. Data-intensive science projects rely on high-throughput computing and high-speed networking resources for data analysis and processing. In this paper, we propose an anomaly detection framework and architecture for identifying anomalies in GridFTP transfers. Application-awareness plays an important role in our proposed architecture and is used to communicate GridFTP application metadata to the machine learning and anomaly detection system. We demonstrate the effectiveness of our architecture by evaluating the framework with a real-world, large-scale dataset of GridFTP transfers. Preliminary results show that our framework can be used to develop novel anomaly detection services with diverse feature sets for distributed and data-intensive projects.
| Original language | English (US) |
|---|---|
| Title of host publication | SDN-NFVSec 2018 - Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, Co-located with CODASPY 2018 |
| Publisher | Association for Computing Machinery, Inc |
| Pages | 7-12 |
| Number of pages | 6 |
| ISBN (Electronic) | 9781450356350 |
| DOIs | |
| State | Published - Mar 14 2018 |
| Event | 2018 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, SDN-NFVSec 2018 - Tempe, United States Duration: Mar 21 2018 → … |
Publication series
| Name | SDN-NFVSec 2018 - Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, Co-located with CODASPY 2018 |
|---|---|
| Volume | 2018-January |
Other
| Other | 2018 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, SDN-NFVSec 2018 |
|---|---|
| Country | United States |
| City | Tempe |
| Period | 3/21/18 → … |
Fingerprint
ASJC Scopus subject areas
- Computer Science Applications
- Information Systems
- Software
Cite this
Identifying anomalies in gridftp transfers for data-intensive science through application-awareness. / Nadig, Deepak; Ramamurthy, Byrav; Bockelman, Brian; Swanson, David.
SDN-NFVSec 2018 - Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, Co-located with CODASPY 2018. Association for Computing Machinery, Inc, 2018. p. 7-12 (SDN-NFVSec 2018 - Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, Co-located with CODASPY 2018; Vol. 2018-January).Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
}
TY - GEN
T1 - Identifying anomalies in gridftp transfers for data-intensive science through application-awareness
AU - Nadig, Deepak
AU - Ramamurthy, Byrav
AU - Bockelman, Brian
AU - Swanson, David
PY - 2018/3/14
Y1 - 2018/3/14
N2 - Network anomaly detection systems can be used to identify anomalous transfers or threats, which, when undetected, can trigger large-scale malicious events. Data-intensive science projects rely on high-throughput computing and high-speed networking resources for data analysis and processing. In this paper, we propose an anomaly detection framework and architecture for identifying anomalies in GridFTP transfers. Application-awareness plays an important role in our proposed architecture and is used to communicate GridFTP application metadata to the machine learning and anomaly detection system. We demonstrate the effectiveness of our architecture by evaluating the framework with a real-world, large-scale dataset of GridFTP transfers. Preliminary results show that our framework can be used to develop novel anomaly detection services with diverse feature sets for distributed and data-intensive projects.
AB - Network anomaly detection systems can be used to identify anomalous transfers or threats, which, when undetected, can trigger large-scale malicious events. Data-intensive science projects rely on high-throughput computing and high-speed networking resources for data analysis and processing. In this paper, we propose an anomaly detection framework and architecture for identifying anomalies in GridFTP transfers. Application-awareness plays an important role in our proposed architecture and is used to communicate GridFTP application metadata to the machine learning and anomaly detection system. We demonstrate the effectiveness of our architecture by evaluating the framework with a real-world, large-scale dataset of GridFTP transfers. Preliminary results show that our framework can be used to develop novel anomaly detection services with diverse feature sets for distributed and data-intensive projects.
UR - http://www.scopus.com/inward/record.url?scp=85050411010&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85050411010&partnerID=8YFLogxK
U2 - 10.1145/3180465.3180469
DO - 10.1145/3180465.3180469
M3 - Conference contribution
AN - SCOPUS:85050411010
T3 - SDN-NFVSec 2018 - Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, Co-located with CODASPY 2018
SP - 7
EP - 12
BT - SDN-NFVSec 2018 - Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, Co-located with CODASPY 2018
PB - Association for Computing Machinery, Inc
ER -