An Continuous Wavelet Transform-Based Detection Approach to Traffic Anomalies

Cited by: 0
Authors
Jiang, Dingde [1 ]
Yao, Cheng [1 ]
Xu, Zhengzheng [1 ]
Zhang, Peng [1 ]
Yuan, Zhen [1 ]
Qin, Wenda [1 ]
Affiliations
[1] NEU, Coll Informat Sci & Engn, Shenyang 110819, Peoples R China
Source
MECHANICAL AND ELECTRONICS ENGINEERING III, PTS 1-5 | 2012 / Vol. 130-134
Keywords
Network traffic; anomaly detection; continuous wavelet transform; multi-scale analysis; MATRIX ESTIMATION;
DOI
10.4028/www.scientific.net/AMM.130-134.2098
Chinese Library Classification number
TH [Machinery and Instrument Industry];
Discipline classification code
0802 ;
Abstract
Anomalous traffic often has a significant impact on network activities and leads to severe damage to our networks because it is usually involved with network faults and network attacks. How to effectively detect network traffic anomalies is a challenge for network operators and researchers. This paper proposes a novel method for detecting traffic anomalies in a network, based on the continuous wavelet transform. Firstly, continuous wavelet transforms are performed on network traffic at several scales. We then use multi-scale analysis theory to extract traffic characteristics. These characteristics at different scales are further analyzed, and an appropriate detection threshold can be obtained. Consequently, we can perform exact anomaly detection. Simulation results show that our approach is effective and feasible.
Pages: 2098 / 2102
Number of pages: 5
Related papers
10 items in total
[1]  
[Anonymous], P IEEE C GLOB TEL
[2]   An accurate approach of large-scale IP traffic matrix estimation [J].
Jiang, Dingde ;
Chen, Jun ;
He, Linbo .
IEICE TRANSACTIONS ON COMMUNICATIONS, 2007, E90B (12) :3673-3676
[3]   An optimization method of large-scale IP traffic matrix estimation [J].
Jiang, Dingde ;
Wang, Xingwei ;
Guo, Lei .
AEU-INTERNATIONAL JOURNAL OF ELECTRONICS AND COMMUNICATIONS, 2010, 64 (07) :685-689
[4]   Statistical techniques for detecting traffic anomalies through packet header data [J].
Kim, Seong Soo ;
Reddy, A. L. Narasimha .
IEEE-ACM TRANSACTIONS ON NETWORKING, 2008, 16 (03) :562-575
[5]   Mining anomalies using traffic feature distributions [J].
Lakhina, A ;
Crovella, M ;
Diot, C .
ACM SIGCOMM COMPUTER COMMUNICATION REVIEW, 2005, 35 (04) :217-228
[6]   Diagnosing network-wide traffic anomalies [J].
Lakhina, A ;
Crovella, M ;
Diot, C .
ACM SIGCOMM COMPUTER COMMUNICATION REVIEW, 2004, 34 (04) :219-230
[7]   The 1999 DARPA off-line intrusion detection evaluation [J].
Lippmann, R ;
Haines, JW ;
Fried, DJ ;
Korba, J ;
Das, K .
COMPUTER NETWORKS-THE INTERNATIONAL JOURNAL OF COMPUTER AND TELECOMMUNICATIONS NETWORKING, 2000, 34 (04) :579-595
[8]   Spatio-Temporal Network Anomaly Detection by Assessing Deviations of Empirical Measures [J].
Paschalidis, Ioannis Ch. ;
Smaragdakis, Georgios .
IEEE-ACM TRANSACTIONS ON NETWORKING, 2009, 17 (03) :685-697
[9]   Parametric Methods for Anomaly Detection in Aggregate Traffic [J].
Thatte, Gautam ;
Mitra, Urbashi ;
Heidemann, John .
IEEE-ACM TRANSACTIONS ON NETWORKING, 2011, 19 (02) :512-525
[10]   Low-Rate DDoS Attacks Detection and Traceback by Using New Information Metrics [J].
Xiang, Yang ;
Li, Ke ;
Zhou, Wanlei .
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2011, 6 (02) :426-437