Title :
A Detecting Superpoint Algorithm on Multiple Sampling Technology
Author :
Guang, Cheng ; Jian, Gong
Author_Institution :
Sch. of Comput. Sci. & Eng., Southeast Univ., Nanjing, China
Abstract :
Super points are sources or destinations that connect to a larger number of distinct destinations or sources during a measurement time interval. High-speed monitoring of super points is a challenging problem with application to real-time attack detection using a limited memory space. In this paper, we propose a method for detecting super points, and prove guarantees on their accuracy and memory requirements. Our method is based on sampling and data streaming, and sampling technique can probabilistically assure to sample only large-flow sources or destinations. Data streaming technique sets an IP bitmap and flow bitmap to judge an existed IP. Our method are both theoretically and experimentally more efficient than previous approaches.
Keywords :
IP networks; computer network management; probability; sampling methods; telecommunication security; IP bitmap; data streaming; flow bitmap; high-speed monitoring; limited memory space; measurement time interval; multiple sampling technology; network management; network security; probability; real-time attack detection; super point detection algorithm; Algorithm design and analysis; Application software; Computer crime; Computer science; Computerized monitoring; Filters; Random access memory; Sampling methods; Telecommunication traffic; Time measurement;
Conference_Titel :
Future Generation Communication and Networking, 2008. FGCN '08. Second International Conference on
Conference_Location :
Hainan Island
Print_ISBN :
978-0-7695-3431-2
DOI :
10.1109/FGCN.2008.111
