|
Angle Anomaly Detection project was created to monitor network traffic and to
detect unknown anomalous events. Network health is monitored by capturing
packets at multiple Internet locations and detecting new traffic trends and
sudden changes.
Each packet's network address along with all identifiable information is hashed
using a salt and the payload is zeroed before writing to disk. Hash salts are
changed every 10-100 million packets. Each packet is geo-tagged to a country of
origin and destination. Captured files are then processed to define behavior
clusters. Cluster definition changes are monitored across local/global data
domains for changes, trends and events.
The most recent data product is DR6, which was released on June, 2007.
Download instructions:
To obtain access to the Angle Anomaly data, please
contact NCDM
to join the
Angle Consortium.
|
|