A novel anomaly detection system based on seven-dimensional flow analysis

Author

de Assis, Marcos V. O. ; Rodrigues, Joel J. P. C. ; Lemes Proenca Junior, Mario

Author_Institution

Comput. Sci. Dept., State Univ. of Londrina, Londrina, Brazil

fYear

2013

fDate

9-13 Dec. 2013

Firstpage

735

Lastpage

740

Abstract

Anomaly detection in large-scale networks is not a simple task, although there are several studies in this area. The continuous expansion of computer networks results in increased complexity of management processes. Thus, simple and efficient anomaly detection mechanisms are required in order to assist the management of these networks. In this paper, we present an anomaly detection system using a seven-dimensional flow analysis. To accomplish this objective, we used the improved Holt-Winters forecasting method on the traffic characterization of each one of the different analyzed dimensions, here called Digital Signature of Network Segment using Flow analysis (DSNSF). The system not only warns the network administrator about the problem, but also provides the necessary information to solve it. Real data are collected and used by the system to measure its efficiency and accuracy.

Keywords

computer network security; digital signatures; telecommunication traffic; DSNSF; Holt-Winters forecasting method; anomaly detection system; computer networks; flow analysis; network administrator; network segment digital signature; seven-dimensional flow analysis; traffic characterization; Equations; Feature extraction; Forecasting; IP networks; Mathematical model; Ports (Computers); Security; DSNSF; HWDS; Holt-Winters; Network Management; Seven-dimensional Flow Analysis; Traffic Characterization;

fLanguage

English

Publisher

ieee

Conference_Titel

Global Communications Conference (GLOBECOM), 2013 IEEE

Conference_Location

Atlanta, GA

Type

conf

DOI

10.1109/GLOCOM.2013.6831160

Filename

6831160