Skip to main content
Conference Proceedings

Backhoe, a packet trace and log browser

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2008) 5210 LNCS 152-160
DOI: 10.1007/978-3-540-85933-8_15
2Citations
Citations of this article
12Readers
Mendeley users who have this article in their library.
Get full text

Abstract

We present Backhoe, a tool for browsing packet trace or other event logs that makes it easy to spot "statistical novelties" in the traffic, i.e. changes in the character of frequency distributions of feature values and in mutual relationships between pairs of features. Our visualization uses feature entropy and mutual information displays as either the top-level summary of the dataset or alongside the data. Our tool makes it easy to switch between absolute and conditional metrics, and observe their variations at a glance. We successfully used Backhoe for analysis of proprietary protocols. © 2008 Springer-Verlag Berlin Heidelberg.

Cite

CITATION STYLE

APA

Bratus, S., Hansen, A., Pellacini, F., & Shubina, A. (2008). Backhoe, a packet trace and log browser. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5210 LNCS, pp. 152–160). https://doi.org/10.1007/978-3-540-85933-8_15

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free