Network traffic anomalies detection and identification with flow monitoring

Author

Nguyen, Huy Anh ; Nguyen, Tam Van ; Kim, Dong II ; Choi, Deokjai

Author_Institution

Dept. of Comput. Eng., Chonnam Nat. Univ., Gwangju, South Korea

fYear

2008

fDate

5-7 May 2008

Firstpage

1

Lastpage

5

Abstract

Network management and security is currently one of the most vibrant research areas, among which, research on detecting and identifying anomalies has attracted a lot of interest. Researchers are still struggling to find an effective and lightweight method for anomaly detection purpose. In this paper, we propose a simple, robust method that detects network anomalous traffic data based on flow monitoring. Our method works based on monitoring the four predefined metrics that capture the flow statistics of the network. In order to prove the power of the new method, we did build an application that detects network anomalies using our method. And the result of the experiments proves that by using the four simple metrics from the flow data, we do not only effectively detect but can also identify the network traffic anomalies.

Keywords

Internet; computer network management; statistical analysis; telecommunication security; telecommunication traffic; Internet; anomaly identification; flow monitoring; network management; network security; network traffic anomalies detection; statistics; Computer network management; Computer networks; Computer security; Computerized monitoring; Current measurement; Engineering management; Robustness; Statistics; Switches; Telecommunication traffic;

fLanguage

English

Publisher

ieee

Conference_Titel

Wireless and Optical Communications Networks, 2008. WOCN '08. 5th IFIP International Conference on

Conference_Location

Surabaya

Print_ISBN

978-1-4244-1979-1

Electronic_ISBN

978-1-4244-1980-7

Type

conf

DOI

10.1109/WOCN.2008.4542524

Filename

4542524