Uncertainty Aware Clustering for Behaviour in Enterprise Networks

Maha Bakoben; Niall Adams; Anthony Bellotti

doi:10.1109/ICDMW.2016.0045

Uncertainty Aware Clustering for Behaviour in Enterprise Networks

Maha Bakoben, Niall Adams, Anthony Bellotti

Research output: Chapter in Book/Conference proceeding › Conference contribution › peer-review

2 Citations (Scopus)

Abstract

Understanding relationships between entities in a computer network is an important task in enterprise cyber-security. This paper presents a novel procedure for exploring similarity relationships in Netflow behaviour-Activity over time. We demonstrate a two-stage procedure. First, a statistical model is used as a summary of raw data. Naturally, the parameters of such a model are subject to estimation uncertainty. The second stage develops a similarity metric that incorporates this uncertainty. Standard clustering procedures then become available. We illustrate the method using connection-based data derived from Netflow records, from a recently released public domain data set.

Original language	English
Title of host publication	Proceedings - 16th IEEE International Conference on Data Mining Workshops, ICDMW 2016
Editors	Carlotta Domeniconi, Francesco Gullo, Francesco Bonchi, Francesco Bonchi, Josep Domingo-Ferrer, Ricardo Baeza-Yates, Ricardo Baeza-Yates, Ricardo Baeza-Yates, Zhi-Hua Zhou, Xindong Wu
Publisher	IEEE Computer Society
Pages	269-272
Number of pages	4
ISBN (Electronic)	9781509054725
DOIs	https://doi.org/10.1109/ICDMW.2016.0045
Publication status	Published - 2 Jul 2016
Externally published	Yes
Event	16th IEEE International Conference on Data Mining Workshops, ICDMW 2016 - Barcelona, Spain Duration: 12 Dec 2016 → 15 Dec 2016

Publication series

Name	IEEE International Conference on Data Mining Workshops, ICDMW
Volume	0
ISSN (Print)	2375-9232
ISSN (Electronic)	2375-9259

Conference

Conference	16th IEEE International Conference on Data Mining Workshops, ICDMW 2016
Country/Territory	Spain
City	Barcelona
Period	12/12/16 → 15/12/16

ASJC Scopus subject areas

Computer Science Applications
Software

Access to Document

10.1109/ICDMW.2016.0045

Cite this

Bakoben, M., Adams, N., & Bellotti, A. (2016). Uncertainty Aware Clustering for Behaviour in Enterprise Networks. In C. Domeniconi, F. Gullo, F. Bonchi, F. Bonchi, J. Domingo-Ferrer, R. Baeza-Yates, R. Baeza-Yates, R. Baeza-Yates, Z.-H. Zhou, & X. Wu (Eds.), Proceedings - 16th IEEE International Conference on Data Mining Workshops, ICDMW 2016 (pp. 269-272). Article 7836676 (IEEE International Conference on Data Mining Workshops, ICDMW; Vol. 0). IEEE Computer Society. https://doi.org/10.1109/ICDMW.2016.0045

Bakoben, Maha ; Adams, Niall ; Bellotti, Anthony. / Uncertainty Aware Clustering for Behaviour in Enterprise Networks. Proceedings - 16th IEEE International Conference on Data Mining Workshops, ICDMW 2016. editor / Carlotta Domeniconi ; Francesco Gullo ; Francesco Bonchi ; Francesco Bonchi ; Josep Domingo-Ferrer ; Ricardo Baeza-Yates ; Ricardo Baeza-Yates ; Ricardo Baeza-Yates ; Zhi-Hua Zhou ; Xindong Wu. IEEE Computer Society, 2016. pp. 269-272 (IEEE International Conference on Data Mining Workshops, ICDMW).

@inproceedings{b038dfcce7b04c8c84fc08ac6e489e7b,

title = "Uncertainty Aware Clustering for Behaviour in Enterprise Networks",

abstract = "Understanding relationships between entities in a computer network is an important task in enterprise cyber-security. This paper presents a novel procedure for exploring similarity relationships in Netflow behaviour-Activity over time. We demonstrate a two-stage procedure. First, a statistical model is used as a summary of raw data. Naturally, the parameters of such a model are subject to estimation uncertainty. The second stage develops a similarity metric that incorporates this uncertainty. Standard clustering procedures then become available. We illustrate the method using connection-based data derived from Netflow records, from a recently released public domain data set.",

author = "Maha Bakoben and Niall Adams and Anthony Bellotti",

note = "Publisher Copyright: {\textcopyright} 2016 IEEE.; 16th IEEE International Conference on Data Mining Workshops, ICDMW 2016 ; Conference date: 12-12-2016 Through 15-12-2016",

year = "2016",

month = jul,

day = "2",

doi = "10.1109/ICDMW.2016.0045",

language = "English",

series = "IEEE International Conference on Data Mining Workshops, ICDMW",

publisher = "IEEE Computer Society",

pages = "269--272",

editor = "Carlotta Domeniconi and Francesco Gullo and Francesco Bonchi and Francesco Bonchi and Josep Domingo-Ferrer and Ricardo Baeza-Yates and Ricardo Baeza-Yates and Ricardo Baeza-Yates and Zhi-Hua Zhou and Xindong Wu",

booktitle = "Proceedings - 16th IEEE International Conference on Data Mining Workshops, ICDMW 2016",

address = "United States",

}

Bakoben, M, Adams, N & Bellotti, A 2016, Uncertainty Aware Clustering for Behaviour in Enterprise Networks. in C Domeniconi, F Gullo, F Bonchi, F Bonchi, J Domingo-Ferrer, R Baeza-Yates, R Baeza-Yates, R Baeza-Yates, Z-H Zhou & X Wu (eds), Proceedings - 16th IEEE International Conference on Data Mining Workshops, ICDMW 2016., 7836676, IEEE International Conference on Data Mining Workshops, ICDMW, vol. 0, IEEE Computer Society, pp. 269-272, 16th IEEE International Conference on Data Mining Workshops, ICDMW 2016, Barcelona, Spain, 12/12/16. https://doi.org/10.1109/ICDMW.2016.0045

Uncertainty Aware Clustering for Behaviour in Enterprise Networks. / Bakoben, Maha; Adams, Niall; Bellotti, Anthony.
Proceedings - 16th IEEE International Conference on Data Mining Workshops, ICDMW 2016. ed. / Carlotta Domeniconi; Francesco Gullo; Francesco Bonchi; Francesco Bonchi; Josep Domingo-Ferrer; Ricardo Baeza-Yates; Ricardo Baeza-Yates; Ricardo Baeza-Yates; Zhi-Hua Zhou; Xindong Wu. IEEE Computer Society, 2016. p. 269-272 7836676 (IEEE International Conference on Data Mining Workshops, ICDMW; Vol. 0).

Research output: Chapter in Book/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Uncertainty Aware Clustering for Behaviour in Enterprise Networks

AU - Bakoben, Maha

AU - Adams, Niall

AU - Bellotti, Anthony

PY - 2016/7/2

Y1 - 2016/7/2

N2 - Understanding relationships between entities in a computer network is an important task in enterprise cyber-security. This paper presents a novel procedure for exploring similarity relationships in Netflow behaviour-Activity over time. We demonstrate a two-stage procedure. First, a statistical model is used as a summary of raw data. Naturally, the parameters of such a model are subject to estimation uncertainty. The second stage develops a similarity metric that incorporates this uncertainty. Standard clustering procedures then become available. We illustrate the method using connection-based data derived from Netflow records, from a recently released public domain data set.

AB - Understanding relationships between entities in a computer network is an important task in enterprise cyber-security. This paper presents a novel procedure for exploring similarity relationships in Netflow behaviour-Activity over time. We demonstrate a two-stage procedure. First, a statistical model is used as a summary of raw data. Naturally, the parameters of such a model are subject to estimation uncertainty. The second stage develops a similarity metric that incorporates this uncertainty. Standard clustering procedures then become available. We illustrate the method using connection-based data derived from Netflow records, from a recently released public domain data set.

UR - http://www.scopus.com/inward/record.url?scp=85015153689&partnerID=8YFLogxK

U2 - 10.1109/ICDMW.2016.0045

DO - 10.1109/ICDMW.2016.0045

M3 - Conference contribution

AN - SCOPUS:85015153689

T3 - IEEE International Conference on Data Mining Workshops, ICDMW

SP - 269

EP - 272

BT - Proceedings - 16th IEEE International Conference on Data Mining Workshops, ICDMW 2016

A2 - Domeniconi, Carlotta

A2 - Gullo, Francesco

A2 - Bonchi, Francesco

A2 - Domingo-Ferrer, Josep

A2 - Baeza-Yates, Ricardo

A2 - Zhou, Zhi-Hua

A2 - Wu, Xindong

PB - IEEE Computer Society

T2 - 16th IEEE International Conference on Data Mining Workshops, ICDMW 2016

Y2 - 12 December 2016 through 15 December 2016

ER -

Bakoben M, Adams N, Bellotti A. Uncertainty Aware Clustering for Behaviour in Enterprise Networks. In Domeniconi C, Gullo F, Bonchi F, Bonchi F, Domingo-Ferrer J, Baeza-Yates R, Baeza-Yates R, Baeza-Yates R, Zhou ZH, Wu X, editors, Proceedings - 16th IEEE International Conference on Data Mining Workshops, ICDMW 2016. IEEE Computer Society. 2016. p. 269-272. 7836676. (IEEE International Conference on Data Mining Workshops, ICDMW). doi: 10.1109/ICDMW.2016.0045

Uncertainty Aware Clustering for Behaviour in Enterprise Networks

Abstract

Publication series

Conference

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this