YAMA : a system for marking network traffic
Citable URI:
http://hdl.handle.net/1721.1/41607
| Title: | YAMA : a system for marking network traffic |
| Author: | Hernández González, Néstor Felipe |
| Other Contributors: | Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science. |
| Advisor: | Robert K. Cunningham. |
| Department: | Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science. |
| Publisher: | Massachusetts Institute of Technology |
| Issue Date: | 2006 |
| Abstract: | Computer security performance analysis requires precise labeling of traffic as either background or attack traffic. When an experiment is performed on-line, it may also be important to identify traffic from the security system. Today this is tedious and difficult, requiring personnel with a deep understanding of multiple protocols. YAMA (Your Able Marking Aide) is a tool that labels sessions and packets associated with a set of user actions given those actions, the traffic, and a network configuration (host information and web page corpus). An evaluation of a version that processes web traffic is performed using data from Alexas Top 100 Sites. YAMA 1.0 correctly associates the action of visiting a specific site with 90% of all HTTP packets, and 99% of both HTTP GET and DNS packets. Furthermore, YAMA 1.0 produces zero false positives when given a high-level event indicating a user visited one web site and packets from a different site. |
| Description: |
Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2006. Includes bibliographical references (p. 105-108). |
| URI: | http://hdl.handle.net/1721.1/41607 |
| Keywords: | Electrical Engineering and Computer Science. |
Files in this item
| Files | Size | Format | View | Description |
|---|---|---|---|---|
| Preview, non-printable (open to all) | 4.563Mb |
View/ |
Preview, non-printable (open to all) | |
| Full printable version (MIT only) | 4.563Mb |
View/ |
Full printable version (MIT only) |
This item appears in the following Collection(s)
All Items in DSpace@MIT are protected by original copyright, with all rights reserved, unless otherwise indicated.
|
|
Contact
MIT Libraries
|