Detecting Distributed Network Traffic Anomaly with Network-Wide Correlation Analysis
نویسندگان
چکیده
منابع مشابه
Detecting Distributed Network Traffic Anomaly with Network-Wide Correlation Analysis
Distributed network traffic anomaly refers to a traffic abnormal behavior involving many links of a network and caused by the same source (e.g., DDoS attack, worm propagation). The anomaly transiting in a single link might be unnoticeable and hard to detect, while the anomalous aggregation from many links can be prevailing, and does more harm to the networks. Aiming at the similar features of d...
متن کاملDetecting Distributed Attacks using Network-Wide Flow Traffic
Distributed denial of service attacks have become both prevalent and sophisticated. Botnet-driven attacks can be launched from thousands of worm-infected and compromised machines with relative ease and impunity today. The damage caused by such attacks is considerable: the 2004 CSI/FBI computer crime and security survey found that DDOS attacks are the second largest contributor to all financial ...
متن کاملSketch-based Network-wide Traffic Anomaly Detection
Internet has become an essential part of the daily life for billions of users worldwide, who are using a large variety of network services and applications everyday. However, there have been serious security problems and network failures that are hard to resolve, for example, Botnet attacks, polymorphic worm/virus spreading, DDoS, and flash crowds. To address many of these problems, we need to ...
متن کاملNetwork Traffic Anomaly Detection Through Correlation Integrals
Due to the close relationship between the correlation integral and the fractal dimension, it is natural to presume that the correlation integral is also capable of characterizing network traffic. In this paper, we use captured traffic traces to illustrate that one can indeed describe the dynamics of the Internet traffic with a template of correlation integrals. Furthermore, this template can be...
متن کاملNetwork Traffic Anomaly Detection
This paper presents a tutorial for network anomaly detection, focusing on non-signature-based approaches. Network traffic anomalies are unusual and significant changes in the traffic of a network. Networks play an important role in today’s social and economic infrastructures. The security of the network becomes crucial, and network traffic anomaly detection constitutes an important part of netw...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: EURASIP Journal on Advances in Signal Processing
سال: 2008
ISSN: 1687-6180
DOI: 10.1155/2009/752818