Title :
A novel anomaly detection system based on seven-dimensional flow analysis
Author :
de Assis, Marcos V. O. ; Rodrigues, Joel J. P. C. ; Lemes Proenca Junior, Mario
Author_Institution :
Comput. Sci. Dept., State Univ. of Londrina, Londrina, Brazil
Abstract :
Anomaly detection in large-scale networks is not a simple task, although there are several studies in this area. The continuous expansion of computer networks results in increased complexity of management processes. Thus, simple and efficient anomaly detection mechanisms are required in order to assist the management of these networks. In this paper, we present an anomaly detection system using a seven-dimensional flow analysis. To accomplish this objective, we used the improved Holt-Winters forecasting method on the traffic characterization of each one of the different analyzed dimensions, here called Digital Signature of Network Segment using Flow analysis (DSNSF). The system not only warns the network administrator about the problem, but also provides the necessary information to solve it. Real data are collected and used by the system to measure its efficiency and accuracy.
Keywords :
computer network security; digital signatures; telecommunication traffic; DSNSF; Holt-Winters forecasting method; anomaly detection system; computer networks; flow analysis; network administrator; network segment digital signature; seven-dimensional flow analysis; traffic characterization; Equations; Feature extraction; Forecasting; IP networks; Mathematical model; Ports (Computers); Security; DSNSF; HWDS; Holt-Winters; Network Management; Seven-dimensional Flow Analysis; Traffic Characterization;
Conference_Titel :
Global Communications Conference (GLOBECOM), 2013 IEEE
Conference_Location :
Atlanta, GA
DOI :
10.1109/GLOCOM.2013.6831160
