Detecting and diagnosing anomalous traffic are important aspects of managing IP networks. In this paper, we propose a novel approach to detect anomalous network traffic based on graph theory concepts such as degree distribution, maximum degree and dK-2 distance. In this approach, we have used the traffic dispersion graphs (TDG) to model network traffic over time. We analyze differences of TDG graphs in time series to detect anomalies and introduce a method to identify attack patterns in anomalous traffic. The approach has been validated by using network traces from POSTECH and CAIDA. © 2011 ACM.
Le, D., Jeong, T., Roman, H., Hong, J. (2011). Traffic dispersion graph based anomaly detection. In ACM International Conference Proceeding Series (pp.36-41) [10.1145/2069216.2069227].
Traffic dispersion graph based anomaly detection
Roman H. E.;
2011
Abstract
Detecting and diagnosing anomalous traffic are important aspects of managing IP networks. In this paper, we propose a novel approach to detect anomalous network traffic based on graph theory concepts such as degree distribution, maximum degree and dK-2 distance. In this approach, we have used the traffic dispersion graphs (TDG) to model network traffic over time. We analyze differences of TDG graphs in time series to detect anomalies and introduce a method to identify attack patterns in anomalous traffic. The approach has been validated by using network traces from POSTECH and CAIDA. © 2011 ACM.File | Dimensione | Formato | |
---|---|---|---|
2069216.2069227.pdf
Solo gestori archivio
Tipologia di allegato:
Publisher’s Version (Version of Record, VoR)
Dimensione
391.21 kB
Formato
Adobe PDF
|
391.21 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.