Title :
Anomaly Detection Based on Aggregated Network Behavior Metrics
Author :
Shen, Gang ; Chen, Dalong ; Qin, Zhongping
Author_Institution :
Huazhong Univ. of Sci. & Technol., Wuhan
Abstract :
Network measurement is important to many network management tasks, including traffic anomaly detection. Aggregating packet header information is an effective and efficient way to collect network traffic statistics. We propose a set of aggregated network metrics that may be used to characterize the overall network behaviors. These metrics are generated from packet header based statistics and are stable to normal traffic while sensitive to anomaly. We further apply principal components analysis and information gain analysis to reduce data size. It is evaluated by experiments that the proposed detection system may generate satisfactory classification of network traffic.
Keywords :
principal component analysis; telecommunication network management; telecommunication security; telecommunication traffic; aggregated network behavior metrics; aggregated network metrics; information gain analysis; network management; network measurement; network traffic statistics; packet header information; packet header-based statistics; principal components analysis; traffic anomaly detection; Data analysis; Floods; Information analysis; Monitoring; Principal component analysis; Sampling methods; Statistics; Technology management; Telecommunication traffic; Traffic control;
Conference_Titel :
Wireless Communications, Networking and Mobile Computing, 2007. WiCom 2007. International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-4244-1311-9
DOI :
10.1109/WICOM.2007.551
