DocumentCode
1675751
Title
A Method of Detecting Network Anomalies in Cyclic Traffic
Author
Harada, Shigeaki ; Kawahara, Ryoichi ; Mori, Tatsuya ; Kamiyama, Noriaki ; Hasegawa, Haruhisa ; Yoshino, Hideaki
Author_Institution
NTT Service Integration Labs., NTT Corp., Musashino
fYear
2008
Firstpage
1
Lastpage
5
Abstract
We present a method of detecting network anomalies, such as DDoS (distributed denial of service) attacks and flash crowds, automatically in real time. We evaluated this method using measured traffic data and found that it successfully differentiated suspicious traffic. In this paper, we focus on cyclic traffic, which has a daily and/or weekly cycle, and show that the differentiation accuracy is improved by utilizing such a cyclic tendency in anomaly detection. Our method differentiates suspicious traffic that has different statistical characteristics from normal traffic. At the same time, it learns about cyclic large-volume traffic, such as traffic for network operations, and finally considers it to be legitimate.
Keywords
IP networks; telecommunication security; telecommunication traffic; IP address; cyclic traffic; differentiation accuracy; distributed denial of service attacks; flash crowds; network anomaly detection; suspicious traffic; Communication system traffic control; Face detection; Filtering; Monitoring; Predictive models; Signal analysis; Signal processing algorithms; Spine; Telecommunication traffic; Traffic control;
fLanguage
English
Publisher
ieee
Conference_Titel
Global Telecommunications Conference, 2008. IEEE GLOBECOM 2008. IEEE
Conference_Location
New Orleans, LO
ISSN
1930-529X
Print_ISBN
978-1-4244-2324-8
Type
conf
DOI
10.1109/GLOCOM.2008.ECP.396
Filename
4698171