Abstract: Over the past few years, the Internet infrastructure has become a critical part of the global communications fabric. A survey done by Internet Systems Consortium shows that the number of hosts advertised in domain name system has risen by a factor of 42 from Jan. 1996 to Jan. 2006. Emergence of new applications and protocols, such as voice over Internet Protocol, pear-to-pear, and video on demand, also increases the complexity of Internet. All these trends push increasing demands on more reliable and secure service. This brings the interests of Internet service providers (ISP) in network centric traffic analysis. This talk considers network centric traffic analysis from two perspectives, which are of ISP's most interest: 1) network centric anomaly detection and 2) network centric traffic classification. The first part of the talk focuses on network centric anomaly detection. Despite the rapid advance in networking technologies, detection of network anomalies at high-speed switches/routers is still far from maturity. To push the frontier, two major technologies need to be addressed. The first one is efficient feature-extraction algorithms/hardware that can match a line rate in the order of Gb/s; the second one is fast and effective anomaly detection schemes. We solved both issues in the first part of the talk. The simulation results show that our scheme can detect network anomalies with high accuracy, even if the volume of abnormal traffic on each link is extremely small. Specifically, for the same false alarm probability, our scheme has a detection probability of 0.97, while the existing scheme has a detection probability of 0.17, which demonstrates the superior performance of our scheme. The second part of the talk focuses on network centric traffic classification. This is of high significance of ISPs and enterprise network administrators for providing different QoS guarantees to different applications. Under efficiency considerations, network centric traffic classification should only depends on information carried in up to transport-layer headers, e.g., IP, TCP, or UDP headers.