A Near Real-Time Algorithm for Autonomous Identification and Characterization of Honeypot Attacks - Archive ouverte HAL
Conference paper, Year: 2015

A Near Real-Time Algorithm for Autonomous Identification and Characterization of Honeypot Attacks

Abstract

Monitoring communication networks and their traffic is of essential importance for estimating the risk in the Internet, and therefore for designing suitable protection systems for computer networks. Network and traffic analysis can be done thanks to measurement devices or honeypots. However, analyzing the huge amount of gathered data, and characterizing the anomalies and attacks contained in these traces, remain complex and time-consuming tasks, done by network and security experts using poorly automated tools, and are consequently slow and costly. In this paper, we present an unsupervised algorithm, called UNADA (Unsupervised Network Anomaly Detection Algorithm), for the identification and characterization of security-related anomalies and attacks occurring in honeypots. This automated method does not need any attack signature database, learning phase, or labeled traffic. This corresponds to a major step towards autonomous security systems. This paper also shows how it is possible, from the anomaly characterization results, to infer filtering rules that could serve for automatically configuring network routers, switches or firewalls. The performance of UNADA in terms of attack identification accuracy is evaluated using honeypot traffic traces gathered on the honeypot network of the University of Maryland. The time latency for producing such accurate results is also presented, especially showing how the parallelization capabilities of the algorithm help reduce this latency.
Main file: AsiaCCS2014.pdf (2.57 MB)
Origin: Files produced by the author(s)

Dates and versions

hal-01112926, version 1 (04-02-2015)

Identifiers

  • HAL Id: hal-01112926, version 1

Cite

Philippe Owezarski. A Near Real-Time Algorithm for Autonomous Identification and Characterization of Honeypot Attacks. ACM Symposium on Information, Computer and Communications Security (ASIACCS), Apr 2015, Singapore. 12 p. ⟨hal-01112926⟩
472 views
833 downloads
