Detecting and diagnosing anomalous traffic are important aspects of managing IP networks. In this paper, we propose a novel approach to detect anomalous network traffic based on graph theory concepts such as degree distribution, maximum degree and dK-2 distance. In this approach, we have used the traffic dispersion graphs (TDG) to model network traffic over time. We analyze differences of TDG graphs in time series to detect anomalies and introduce a method to identify attack patterns in anomalous traffic. The approach has been validated by using network traces from POSTECH and CAIDA. © 2011 ACM.

Le, D., Jeong, T., Roman, H., Hong, J. (2011). Traffic dispersion graph based anomaly detection. In ACM International Conference Proceeding Series (pp.36-41) [10.1145/2069216.2069227].

Traffic dispersion graph based anomaly detection

Roman H. E.;
2011

Abstract

Detecting and diagnosing anomalous traffic are important aspects of managing IP networks. In this paper, we propose a novel approach to detect anomalous network traffic based on graph theory concepts such as degree distribution, maximum degree and dK-2 distance. In this approach, we have used the traffic dispersion graphs (TDG) to model network traffic over time. We analyze differences of TDG graphs in time series to detect anomalies and introduce a method to identify attack patterns in anomalous traffic. The approach has been validated by using network traces from POSTECH and CAIDA. © 2011 ACM.
paper
anomalous traffic detection; DDoS attacks; network monitoring and analysis; network security; traffic dispersion graphs
English
2nd Symposium on Information and Communication Technology, SoICT 2011
2011
ACM International Conference Proceeding Series
9781450308809
2011
36
41
reserved
Le, D., Jeong, T., Roman, H., Hong, J. (2011). Traffic dispersion graph based anomaly detection. In ACM International Conference Proceeding Series (pp.36-41) [10.1145/2069216.2069227].
File in questo prodotto:
File Dimensione Formato  
2069216.2069227.pdf

Solo gestori archivio

Tipologia di allegato: Publisher’s Version (Version of Record, VoR)
Dimensione 391.21 kB
Formato Adobe PDF
391.21 kB Adobe PDF   Visualizza/Apri   Richiedi una copia

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/10281/326521
Citazioni
  • Scopus 27
  • ???jsp.display-item.citation.isi??? ND
Social impact