H. A. Nguyen, Tam V. Nguyen, Dong Il Kim, Deokjai Choi
2008 5th IFIP International Conference on Wireless and Optical Communications Networks (WOCN '08), published 2008-05-05. DOI: https://doi.org/10.1109/WOCN.2008.4542524
Network traffic anomalies detection and identification with flow monitoring
Network management and security is currently one of the most vibrant research areas, within which research on detecting and identifying anomalies has attracted a lot of interest. Researchers are still struggling to find an effective and lightweight method for anomaly detection. In this paper, we propose a simple, robust method that detects anomalous network traffic based on flow monitoring. Our method works by monitoring four predefined metrics that capture the flow statistics of the network. To prove the power of the new method, we built an application that detects network anomalies using our method. The results of the experiments prove that, by using the four simple metrics from the flow data, we can not only effectively detect but also identify network traffic anomalies.