{"title":"基于流技术的实时异常检测系统","authors":"Y. Du, Jun Liu, Fang Liu, Luying Chen","doi":"10.1109/IHMSC.2014.168","DOIUrl":null,"url":null,"abstract":"With the wide deployment of flow monitoring in IP networks, flow data has been more and more applied on abnormal traffic detection. In practice, anomalies should be detected as fast as possible from giant quantity of flow data, while, at present, some classical anomalies detecting methods can not achieve this goal. In this paper, we propose and implement a distributed streaming computing system which aims to perform real-time anomalies detection by leveraging Apache Storm, a stream-computing platform. Based on this efficient system, we can uninterruptedly monitor the mutation of flow data and locate the source of anomalies or attacks in real-time by finding the specific abnormal IP addresses. A typical application example proved the capability and benefits of our system and we also have a detailed discussion in performance measurements and scalability.","PeriodicalId":370654,"journal":{"name":"2014 Sixth International Conference on Intelligent Human-Machine Systems and Cybernetics","volume":"12 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-08-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"A Real-Time Anomalies Detection System Based on Streaming Technology\",\"authors\":\"Y. Du, Jun Liu, Fang Liu, Luying Chen\",\"doi\":\"10.1109/IHMSC.2014.168\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"With the wide deployment of flow monitoring in IP networks, flow data has been more and more applied on abnormal traffic detection. In practice, anomalies should be detected as fast as possible from giant quantity of flow data, while, at present, some classical anomalies detecting methods can not achieve this goal. 
In this paper, we propose and implement a distributed streaming computing system which aims to perform real-time anomalies detection by leveraging Apache Storm, a stream-computing platform. Based on this efficient system, we can uninterruptedly monitor the mutation of flow data and locate the source of anomalies or attacks in real-time by finding the specific abnormal IP addresses. A typical application example proved the capability and benefits of our system and we also have a detailed discussion in performance measurements and scalability.\",\"PeriodicalId\":370654,\"journal\":{\"name\":\"2014 Sixth International Conference on Intelligent Human-Machine Systems and Cybernetics\",\"volume\":\"12 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-08-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 Sixth International Conference on Intelligent Human-Machine Systems and Cybernetics\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IHMSC.2014.168\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 Sixth International Conference on Intelligent Human-Machine Systems and Cybernetics","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IHMSC.2014.168","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Real-Time Anomalies Detection System Based on Streaming Technology
With the wide deployment of flow monitoring in IP networks, flow data is increasingly applied to abnormal traffic detection. In practice, anomalies should be detected as fast as possible from a huge quantity of flow data, yet at present some classical anomaly detection methods cannot achieve this goal. In this paper, we propose and implement a distributed stream-computing system that aims to perform real-time anomaly detection by leveraging Apache Storm, a stream-computing platform. Based on this efficient system, we can continuously monitor changes in flow data and locate the source of anomalies or attacks in real time by finding the specific abnormal IP addresses. A typical application example proved the capability and benefits of our system, and we also discuss performance measurements and scalability in detail.