acm-header
Sign In

Communications of the ACM

ACM TechNews

Amassing a Small Army Against a Growing Enemy


View as: Print Mobile App Share:
Boston University's Mark Crovella

Software designed by Mark Crovella's Boston University team looks for unusual data traffic. "Anything outside of statistically normal traffic patterns is potentially malicious," he says.

Credit: BU Today

Boston University (BU) researchers have developed software aimed at identifying unwanted Internet traffic, which would enable network providers to stop botnets from ever reaching personal computers. The software captures and analyzes unusual patterns, such as statistical anomalies in the amount or type of data being transferred, in traffic information at regular intervals as the data flows through the Internet.

"If you see a large variety of Internet protocol, or IP, addresses—numbers that identify individual computers—coming from one source in a short period of time, that kind of activity is statistically anomalous," and potentially malicious attacks, says BU professor Mark Crovella.

The software uses a technique called principal component analysis, which also is being used by GEANT, Europe's primary multigigabit computer network, for research and academic purposes. All data must be manually validated before research is submitted for publication, which is a time-consuming process.

From BU Today
View Full Article

 

Abstracts Copyright © 2011 Information Inc., Bethesda, Maryland, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account