Title :
Traffic Summary Analysis for Network Abuse Detection in High Date-Rate ISP Networks
Author :
Sandford, P. ; Parish, D.J. ; Sandford, J.M.
Author_Institution :
Loughborough Univ., Loughborough
Abstract :
The recent explosion in bandwidth available to home users has caused traffic rates for commercial national networks to increasing rapidly. This presents a problem for any core network monitoring tool as the traffic rate it is expected to monitor is rising on a monthly basis. Security within these networks is paramount as they are now a stable home of trade and commerce. This paper suggests that the use of summary statistics, gathered over a number of packets, is a sensible way of coping with high data rates. We further present a methodology for discovering which metrics are appropriate for classifying significant network events and demonstrate this in a test environment. Finally we show how the statistical variance found in the test environment matches to those found in a National network core.
Keywords :
Internet; computer network management; statistical analysis; telecommunication security; telecommunication traffic; Internet; high date-rate ISP networks; live network monitoring system; network abuse detection; summary statistics; traffic summary analysis; Bandwidth; Computer crime; Data security; Explosions; Hardware; Intrusion detection; Monitoring; National security; Telecommunication traffic; Testing; Core Network Monitoring; Denial of Service; Intrusion Detection;
Conference_Titel :
Networking, 2007. ICN '07. Sixth International Conference on
Conference_Location :
Martinique
Print_ISBN :
0-7695-2805-8
Electronic_ISBN :
0-7695-2805-8
DOI :
10.1109/ICN.2007.101
