Network traffic anomaly detection based on sliding window

Author

Jiang, Dingde ; Liu, Jindi ; Xu, Zhengzheng ; Qin, Wenda

Author_Institution

Coll. of Inf. Sci. & Eng., Northeastern Univ., Shenyang, China

fYear

2011

fDate

16-18 Sept. 2011

Firstpage

4830

Lastpage

4833

Abstract

Abnormal network traffic has a very great harm to the network, so we need to quickly detect abnormal traffic. However, the existing detection methods take a lot of computational overhead, which will make it hard to meet the real-time requirement. This paper presents a distributed network traffic anomaly detection algorithm based on sliding window, which uses decomposable principal component analysis to handle network traffic signals. Through sliding time window, traffic anomaly detection will be limited to the specified scope of time. This significantly reduces the amount of data analysis to improve the speed of anomaly detection. Using the dataset from real network to simulate, we validate that the proposed algorithm is effective and feasible.

Keywords

principal component analysis; security of data; telecommunication traffic; data analysis; decomposable principal component analysis; distributed network traffic anomaly detection algorithm; sliding window; Correlation; Detection algorithms; Educational institutions; Estimation; Principal component analysis; Real time systems; Simulation; anomaly detection; network traffic; principal component analysis; sliding window;

fLanguage

English

Publisher

ieee

Conference_Titel

Electrical and Control Engineering (ICECE), 2011 International Conference on

Conference_Location

Yichang

Print_ISBN

978-1-4244-8162-0

Type

conf

DOI

10.1109/ICECENG.2011.6057677

Filename

6057677