An efficient data structure for network anomaly detection

13 years 11 months ago

Download www.wu.ece.ufl.edu

Abstract-- Despite the rapid advance in networking technologies, detection of network anomalies at high-speed switches/routers is still far from maturity. To push the frontier, two major technologies need to be addressed. The first one is efficient feature-extraction algorithms/hardware that can match a line rate in the order of Gb/s; the second one is fast and effective anomaly detection schemes. In this paper, we focus on design of efficient data structure and algorithms for feature extraction. Specifically, we propose a novel data structure that extracts socalled two-directional (2D) matching features, which are shown to be effective indicators of network anomalies. Our key idea is to use a Bloom filter array to trade off a small amount of accuracy in feature extraction, for much less space and time complexity, so that our data structure can catch up with a line rate in the order of Gb/s. Different from the existing work, our data structure has the following properties: 1) dynamic B...

Jieyan Fan, Dapeng Wu, Kejie Lu, Antonio Nucci

Real-time Traffic

Bloom Filter | Communications | Data Structure | Feature Extraction | SCN 2008 |

claim paper

Post Info
More Details (n/a)

Added	14 Dec 2010
Updated	14 Dec 2010
Type	Journal
Year	2008
Where	SCN
Authors	Jieyan Fan, Dapeng Wu, Kejie Lu, Antonio Nucci

Comments (0)

Sciweavers

An efficient data structure for network anomaly detection

Bloom Filter | Communications | Data Structure | Feature Extraction | SCN 2008 |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers