Network Traffic Anomalies Identification Based on Classification Methods

The problem of detecting network traffic anomalies in computer networks is analyzed. An overview of anomaly detection methods is given, and the advantages and disadvantages of the different methods are analyzed. A model for traffic anomaly detection was developed based on IBM SPSS Modeler and is used to analyze the SNMP data of the router. Traffic anomalies were investigated using three classification methods and different sets of learning data. Based on the results of the investigation, it was determined that the C5.1 decision tree method has the highest accuracy and performance and can be successfully used to identify network traffic anomalies.
