A hierarchical approach to traffic anomaly detection using image processing technique

Author

Jeong, Chi Yoon ; Chang, Beom-Hwan ; Na, Jung-Chan

Author_Institution

Knowledge-based Inf. Security & Safety Res. Dept., Electron. & Telecommun. Res. Inst., Daejeon, South Korea

fYear

2010

fDate

16-18 Aug. 2010

Firstpage

592

Lastpage

594

Abstract

Increasing malicious network traffic has been serious threats to the network security and network administrators have difficulty to detect the network attacks from vast network traffic. Because an image can contain the much traffic information and intuitively display the network status, it is helpful to reduce the processing time for detecting the anomalies. Therefore we proposed a hierarchical approach to detecting various network attacks using a two-tiered system of image analysis. In a first tier, random attacks are detected by analyzing the global traffic and we will be able to discover semi-random attacks by examining the local traffic images in second tier. The proposed method can effectively detects small-scale attacks like scanning attacks as well as large-scale attacks such as DDos, Worm and etc.

Keywords

IP networks; computer network security; image processing; telecommunication traffic; DDos; hierarchical approach; image analysis; local traffic images; malicious network traffic; network administrators; network attacks; network security; random attacks; scanning attacks; semirandom attacks; small-scale attack detection; traffic anomaly detection; Analytical models; Predictive models; Anomaly Detection; Image Processing; Network Security; Traffic Analysis; component;

fLanguage

English

Publisher

ieee

Conference_Titel

Networked Computing and Advanced Information Management (NCM), 2010 Sixth International Conference on

Conference_Location

Seoul

Print_ISBN

978-1-4244-7671-8

Electronic_ISBN

978-89-88678-26-8

Type

conf

Filename

5573233