• DocumentCode
    3270096
  • Title

    A Network-wide Traffic Anomaly Detection Method Based on HSMM

  • Author

    Min, Li ; Shun-Zheng, Yu

  • Author_Institution
    Dept. of Electron. & Commun. Eng., Sun Yat-Sen Univ., Guangzhou
  • Volume
    3
  • fYear
    2006
  • fDate
    25-28 June 2006
  • Firstpage
    1636
  • Lastpage
    1640
  • Abstract
    Hidden semi-Markov model (HsMM) has been well studied and widely applied to many areas. The advantage of using an HsMM is its efficient forward-backward algorithm for estimating model parameters to best account for an observed sequence. In this paper, we propose an HsMM to model the distribution of network-wide traffic and use an observation window to distinguish DoS flooding attacks mixed within the normal background traffic. Several experiments are conducted to validate our method
  • Keywords
    computer networks; hidden Markov models; parameter estimation; security of data; telecommunication traffic; DoS flooding attacks; HSMM; denial-of-service; forward-backward algorithm; hidden semiMarkov model; model parameters estimation; network-wide traffic anomaly detection method; network-wide traffic distribution model; normal background traffic; observation window; observed sequence; Character recognition; Hidden Markov models; Intrusion detection; Parameter estimation; Probability distribution; Sequences; Stochastic processes; Sun; Telecommunication traffic; Traffic control;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Communications, Circuits and Systems Proceedings, 2006 International Conference on
  • Conference_Location
    Guilin
  • Print_ISBN
    0-7803-9584-0
  • Electronic_ISBN
    0-7803-9585-9
  • Type

    conf

  • DOI
    10.1109/ICCCAS.2006.284987
  • Filename
    4064213
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3270096