Overview

Network traffic characterization, traffic engineering/management and detection and tracking of traffic anomalies are covered with a focus on statistical and information theoretic concepts, signal processing, and control theory. Network (cyber) traffic is characterized based on statistical and information theoretic approaches such as self similarity and information entropy. Traffic flows and traffic flow analysis are presented; multimedia nature of network traffic discussed. Traffic engineering techniques of congestion control, traffic redirection, and admission control are examined utilizing network flows and queue management and analysis. Detection theory is introduced. Detection of threat activity based on traffic anomalies is examined. Neyman-Peason criterion and the receiver operating characteristic are presented. Traffic flow analysis for activity tracking is discussed. Case studies of local area networks, the Internet, sensor networks, and wireless networks including the 4G systems are conducted. Laboratories will provide hands-on experience and introduce tools of traffic characterization, detection, monitoring, and tracing.

Included in Degrees & Certificates

• 288
• 296
• 297

Prerequisites

• EC3730
• EC3500

Learning Outcomes

• The student will able to outline network traffic elements: media, packet types, and structure.
• The student will be able to determine traffic characterization using second moment analysis and information theoretic techniques.
• The student will be able to define self-similarity of traffic using long tailed distributions and Hurst parameter.
• Given an operational scenario, the student will be able to propose congestion control schemes to improve network performance.
• The student will be able to list network data flows and traffic management requirements.
• The student will be able to apply the Neyman-Pearson criterion to traffic anomaly detection problems.
• The student will be able to describe traffic classification by way of traffic patterns and flow identification.
• The student will be able to propose anomaly detection schemes using object tracking and flow monitoring and apply statistical and visualization tools.
• The student will be able to develop schemes for network traffic analysis and anomaly detection for both wired and wireless platforms.
• The student will be able to undertake case studies of LAN, WAN, 4G networks, and the Internet based traffic and anomaly detection.