Title :
Distributed stealthy traffic anomaly detection based on wavelet packet analysis
Author :
Li, Zong-lin ; Hu, Guang-Min ; Yao, Xingmiao
Author_Institution :
Key Lab. of Broadband Opt. Fiber Transm. & Commun. Networks, Univ. of Electron. Sci. & Technol. of China (UESTC), Chengdu, China
Abstract :
Distributed anomalous traffic is difficult to detect, since it is simultaneously dispersed in many links and tend to not present any obvious anomalous features in a single link. This paper proposed a multi-scale spatial detection method against distributed stealthy traffic anomaly, it can deploy early-stage detection on key nodes of network. Multi-scale wavelet packet analysis is performed separately on links at which information is available on each node, with the aim of getting abnormal frequency ranges at different time sections and reconstructing signals with anomalous features. Then from a spatial point of view, evaluate deviation degree of high dimension vectors that composed of reconstructions by kernel density estimation as anomaly indicator. Detection results on both real anomalies of American education backbone network and synthetic distributed anomalies shows, our method performs better than existing method.
Keywords :
computer network management; computer network security; signal processing; telecommunication traffic; distributed stealthy traffic anomaly detection; kernel density estimation; multi-scale spatial detection method; multi-scale wavelet packet analysis; Base stations; Clustering algorithms; Design engineering; Energy consumption; Network topology; Power engineering and energy; Routing protocols; Wavelet analysis; Wavelet packets; Wireless sensor networks; Network security; anomaly traffic detection; multi-scale analysis; spatial detection;
Conference_Titel :
Apperceiving Computing and Intelligence Analysis, 2009. ICACIA 2009. International Conference on
Conference_Location :
Chengdu
Print_ISBN :
978-1-4244-5204-0
Electronic_ISBN :
978-1-4244-5206-4
DOI :
10.1109/ICACIA.2009.5361117
