A Real-Time Network Traffic Anomaly Detection Scheme Using NetFlow Data

Autor:	Koohong Kang, Kiyoung Kim, Jong Soo Jang
Rok vydání:	2005
Předmět:	Scheme (programming language) Router Computer science business.industry Anomaly (natural sciences) Real-time computing Intrusion detection system Campus network NetFlow Anomaly detection business Real time networks computer computer.programming_language Computer network
Zdroj:	The KIPS Transactions:PartC. :19-28
ISSN:	1598-2858
DOI:	10.3745/kipstc.2005.12c.1.019
Popis:	Recently, it has been sharply increased the interests to detect the network traffic anomalies to help protect the computer network from unknown attacks. In this paper, we propose a new anomaly detection scheme using the simple linear regression analysis for the exported LetFlow data, such as bits per second and flows per second, from a border router at a campus network. In order to verify the proposed scheme, we apply it to a real campus network and compare the results with the Holt-Winters seasonal algorithm. In particular, we integrate it into the RRDtooi for detecting the anomalies in real time.
Databáze:	OpenAIRE
Externí odkaz:	https://explore.openaire.eu/search/publication?articleId=doi_________::542614eabcf556167fec2e0eb2eb84bf https://doi.org/10.3745/kipstc.2005.12c.1.019 Zobrazit plný text záznamu