DocumentCode :
3270096
Title :
A Network-wide Traffic Anomaly Detection Method Based on HSMM
Author :
Min, Li ; Shun-Zheng, Yu
Author_Institution :
Dept. of Electron. & Commun. Eng., Sun Yat-Sen Univ., Guangzhou
Volume :
3
fYear :
2006
fDate :
25-28 June 2006
Firstpage :
1636
Lastpage :
1640
Abstract :
Hidden semi-Markov model (HsMM) has been well studied and widely applied to many areas. The advantage of using an HsMM is its efficient forward-backward algorithm for estimating model parameters to best account for an observed sequence. In this paper, we propose an HsMM to model the distribution of network-wide traffic and use an observation window to distinguish DoS flooding attacks mixed within the normal background traffic. Several experiments are conducted to validate our method
Keywords :
computer networks; hidden Markov models; parameter estimation; security of data; telecommunication traffic; DoS flooding attacks; HSMM; denial-of-service; forward-backward algorithm; hidden semiMarkov model; model parameters estimation; network-wide traffic anomaly detection method; network-wide traffic distribution model; normal background traffic; observation window; observed sequence; Character recognition; Hidden Markov models; Intrusion detection; Parameter estimation; Probability distribution; Sequences; Stochastic processes; Sun; Telecommunication traffic; Traffic control;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Communications, Circuits and Systems Proceedings, 2006 International Conference on
Conference_Location :
Guilin
Print_ISBN :
0-7803-9584-0
Electronic_ISBN :
0-7803-9585-9
Type :
conf
DOI :
10.1109/ICCCAS.2006.284987
Filename :
4064213
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=3270096
بازگشت