Title :
Sliding Modes for Anomaly Observation in TCP Networks: From Theory to Practice
Author :
Rahme, S. ; Labit, Yann ; Gouaisbaut, Frederic ; Floquet, Thierry
Author_Institution :
LAAS, Toulouse, France
Abstract :
Anomaly detection has been an active open problem in the networks community for several years. In this brief, we aim at detecting such abnormal signals by control theory techniques. Several classes of sliding mode observers are proposed for a fluid flow model of the transmission control protocol (TCP)/internet protocol network. Comparative simulations via network simulator NS-2 show the enhancement brought by a higher order sliding mode observer. The efficiency of this observer opens the way toward observing traffics with real TCP flow characteristics. To achieve this end, trace replay techniques for TCP traffic traces are presented. Finally, experiments lead to successful anomaly estimation under real traffic conditions.
Keywords :
Internet; discrete event simulation; observers; telecommunication traffic; transport protocols; variable structure systems; TCP flow characteristics; TCP networks; TCP traffic traces; Transmission Control Protocol-Internet Protocol network; anomaly detection; anomaly estimation; anomaly observation; control theory techniques; fluid flow model; higher order sliding mode observer; network simulator NS-2; trace replay techniques; Asymptotic stability; Convergence; Mathematical model; Observers; Protocols; Shape; Stability analysis; Anomalies; NS-2; TCP Protocol; faults detection and reconstruction; quality of service; sliding mode observers; time delayed systems; traffic trace replay;
Journal_Title :
Control Systems Technology, IEEE Transactions on
DOI :
10.1109/TCST.2012.2198648
