Network traffic anomalies detection and identification with flow monitoring

Cited by: 7
Authors
Nguyen, Huy Anh [1]
Nguyen, Tam Van [1]
Kim, Dong Il [1]
Choi, Deokjai [1]
Affiliations
[1] Chonnam Natl Univ, Dept Comp Engn, Kwangju, South Korea
Source
2008 IFIP INTERNATIONAL CONFERENCE ON WIRELESS AND OPTICAL COMMUNICATIONS NETWORKS | 2008
Keywords
DOI
10.1109/CCE.2008.4578964
Chinese Library Classification
TM [Electrical engineering]; TN [Electronics and communication technology];
Discipline classification codes
0808 ; 0809 ;
Abstract
Network management and security is currently one of the most vibrant research areas, among which, research on detecting and identifying anomalies has attracted a lot of interest. Researchers are still struggling to find an effective and lightweight method for anomaly detection purpose. In this paper, we propose a simple, robust method that detects network anomalous traffic data based on flow monitoring. Our method works based on monitoring the four predefined metrics that capture the flow statistics of the network. In order to prove the power of the new method, we did build an application that detects network anomalies using our method. And the result of the experiments proves that by using the four simple metrics from the flow data, we do not only effectively detect but can also identify the network traffic anomalies.
Pages: 235 / +
Page count: 2