Network Traffic Anomaly Detection Through Correlation Integrals
نویسندگان
چکیده
Due to the close relationship between the correlation integral and the fractal dimension, it is natural to presume that the correlation integral is also capable of characterizing network traffic. In this paper, we use captured traffic traces to illustrate that one can indeed describe the dynamics of the Internet traffic with a template of correlation integrals. Furthermore, this template can be leveraged to detect abnormal traffic.
منابع مشابه
Detecting Traffic Anomalies at the Source through aggregate analysis of packet header data
The frequent attacks on network infrastructure, using various forms of denial of service attacks, have led to an increased need for developing techniques for analyzing network traffic. If efficient analysis tools were available, it could become possible to detect the attacks, anomalies and to appropriately take action to contain the attacks before they have had time to propagate across the netw...
متن کاملDetecting Distributed Network Traffic Anomaly with Network-Wide Correlation Analysis
Distributed network traffic anomaly refers to a traffic abnormal behavior involving many links of a network and caused by the same source (e.g., DDoS attack, worm propagation). The anomaly transiting in a single link might be unnoticeable and hard to detect, while the anomalous aggregation from many links can be prevailing, and does more harm to the networks. Aiming at the similar features of d...
متن کاملMoving dispersion method for statistical anomaly detection in intrusion detection systems
A unified method for statistical anomaly detection in intrusion detection systems is theoretically introduced. It is based on estimating a dispersion measure of numerical or symbolic data on successive moving windows in time and finding the times when a relative change of the dispersion measure is significant. Appropriate dispersion measures, relative differences, moving windows, as well as tec...
متن کاملReal-time analysis of aggregate network traffic for anomaly detection
Real-time Analysis of Aggregate Network Traffic for Anomaly Detection. (May 2005) Seong Soo Kim, B.S., Yonsei University; M.S., Yonsei University Chair of Advisory Committee: Dr. A. L. Narasimha Reddy The frequent and large-scale network attacks have led to an increased need for developing techniques for analyzing network traffic. If efficient analysis tools were available, it could become poss...
متن کاملDetecting Traffic Anomalies through Aggregate Analysis of Packet Header Data
If efficient network analysis tools were available, it could become possible to detect the attacks, anomalies and to appropriately take action to contain the attacks. In this paper, we suggest a technique for traffic anomaly detection based on analyzing correlation of destination IP addresses in outgoing traffic at an egress router. This address correlation data are transformed through discrete...
متن کامل