مرکز منطقه ای اطلاع رساني علوم و فناوري - A Method of Detecting Network Anomalies in Cyclic Traffic

DocumentCode :

1675751

Title :

A Method of Detecting Network Anomalies in Cyclic Traffic

Author :

Harada, Shigeaki ; Kawahara, Ryoichi ; Mori, Tatsuya ; Kamiyama, Noriaki ; Hasegawa, Haruhisa ; Yoshino, Hideaki

Author_Institution :

NTT Service Integration Labs., NTT Corp., Musashino

fYear :

2008

Firstpage :

Lastpage :

Abstract :

We present a method of detecting network anomalies, such as DDoS (distributed denial of service) attacks and flash crowds, automatically in real time. We evaluated this method using measured traffic data and found that it successfully differentiated suspicious traffic. In this paper, we focus on cyclic traffic, which has a daily and/or weekly cycle, and show that the differentiation accuracy is improved by utilizing such a cyclic tendency in anomaly detection. Our method differentiates suspicious traffic that has different statistical characteristics from normal traffic. At the same time, it learns about cyclic large- volume traffic, such as traffic for network operations, and finally considers it to be legitimate.

Keywords :

IP networks; telecommunication security; telecommunication traffic; IP address; cyclic traffic; differentiation accuracy; distributed denial of service attacks; flash crowds; network anomaly detection; suspicious traffic; Communication system traffic control; Face detection; Filtering; Monitoring; Predictive models; Signal analysis; Signal processing algorithms; Spine; Telecommunication traffic; Traffic control;

fLanguage :

English

Publisher :

ieee

Conference_Titel :

Global Telecommunications Conference, 2008. IEEE GLOBECOM 2008. IEEE

Conference_Location :

New Orleans, LO

ISSN :

1930-529X

Print_ISBN :

978-1-4244-2324-8

Type :

conf

DOI :

10.1109/GLOCOM.2008.ECP.396

Filename :

4698171

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=1675751