论文信息 - Anomaly Identification Based on Flow Analysis

Anomaly Identification Based on Flow Analysis

Recently, the concern about network management and network security has inspired many research topics, among which, research on detecting and identifying anomalies has attracted a lot of interest. In this paper, we propose an anomaly identification method based on traffic flow analysis. The result of the research proves that by assembling some features of traffic flows and calculating some specific extended metrics, we can successfully detect and identify network anomalies with high accuracy. Besides, the method also proves its efficiency with the ability to quantify network anomalies and locate relevant network nodes. The research validity has been verified by both simulation data and real network data

M. Zhanikeev | L.T. Quyen | Y. Tanaka

[1] Roberto Battiti,et al. Identifying Intrusions in Computer Networks based on Principal Component Analysis , 2005 .

[2] Mark Crovella,et al. Characterization of network-wide anomalies in traffic flows , 2004, IMC '04.

[3] Roberto Battiti,et al. Identifying intrusions in computer networks with principal component analysis , 2006, First International Conference on Availability, Reliability and Security (ARES'06).

[4] Donato Malerba,et al. Learning the Daily Model of Network Traffic , 2005, ISMIS.

[5] Vasilios A. Siris,et al. Application of anomaly detection algorithms for detecting SYN flooding attacks , 2004, GLOBECOM.