• DocumentCode
    2897759
  • Title

    Forecasting the Distribution of Network Traffic for Anomaly Detection

  • Author

    Callegari, Christian ; Giordano, Stefano ; Pagano, Michele ; Pepe, Teresa

  • Author_Institution
    Dept. of Inf. Eng., Univ. of Pisa, Pisa, Italy
  • fYear
    2011
  • fDate
    16-18 Nov. 2011
  • Firstpage
    173
  • Lastpage
    180
  • Abstract
    The increasing number of network attacks causes growing problems for network operators and users. Thus, detecting anomalous traffic is of primary interest in IP networks management. In this paper we present a novel method for network anomaly detection, based on the idea of discovering Heavy Change (HC) in the distribution of the Heavy Hitters in the network traffic. To assess the validity of the proposed method, we have performed an extensive experimental evaluation phase, during which our system performance have been compared to a more "classical" HC-based approach. The performance analysis, presented in this paper, demonstrates the effectiveness of the proposed method.
  • Keywords
    IP networks; telecommunication network management; telecommunication security; telecommunication traffic; IP networks management; anomalous traffic detection; heavy change; heavy hitters; network anomaly detection; network attacks; network operators; network traffic distribution forecasting; network users; Aggregates; Context; Data models; Forecasting; IP networks; Smoothing methods; Time series analysis; Anomaly Detection; Heavy Change; Heavy Hitter; Sketch;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Trust, Security and Privacy in Computing and Communications (TrustCom), 2011 IEEE 10th International Conference on
  • Conference_Location
    Changsha
  • Print_ISBN
    978-1-4577-2135-9
  • Type

    conf

  • DOI
    10.1109/TrustCom.2011.25
  • Filename
    6120817
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2897759