Online Program Home
My Program

Abstract Details

Activity Number: 445
Type: Contributed
Date/Time: Tuesday, August 2, 2016 : 2:00 PM to 3:50 PM
Sponsor: Section on Statistical Learning and Data Science
Abstract #320429
Title: AMON: An Open Source Architecture for Online Monitoring, Statistical Analysis, and Forensics of Multi-Gigabit Streams
Author(s): Shrijita Bhattacharya* and Michael Khallitsis
Companies: University of Michigan and Merit

The Internet, as an extensive array of information resources and services requires real-time monitoring and rapid, online, statistical analysis of network traffic for comprehension of its structure, identification and prevention of cyber-attacks. We develop an open source architecture, AMON (All-packet MONitor), for online monitoring and sequential analysis of multi-gigabit data streams under relatively stringent time and space constraints. AMON examines all packets passing through a high-performance software packet monitor PF-RING, partitions traffic into sub-streams by using rapid hashing and computes certain real-time statistical summaries to detect statistically significant heavy hitters (outliers) in traffic volume, relative volume and connectivity. AMON framework does not require specialized hardware, is readily deployable, and allows for the visualization and statistical detection at the time-of-onset of high-connectivity events such as DDoS (Distributed Denial of Service Attacks).

Authors who are presenting talks have a * after their name.

Back to the full JSM 2016 program

Copyright © American Statistical Association