Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
SIGCOMM
2010
ACM
2010
ACM
ASTUTE: detecting a different class of traffic anomalies
When many flows are multiplexed on a non-saturated link, their volume changes over short timescales tend to cancel each other out, making the average change across flows close to zero. This equilibrium property holds if the flows are nearly independent, and it is violated by traffic changes caused by several, potentially small, correlated flows. Many traffic anomalies (both malicious and benign) fit this description. Based on this observation, we exploit equilibrium to design a computationally simple detection method for correlated anomalous flows. We compare our new method to two well known techniques on three network links. We manually classify the anomalies detected by the three methods, and discover that our method uncovers a different class of anomalies than previous techniques do. Categories and Subject Descriptors: C.2.3 [Computer-Communication Networks]: Network Operations General Terms: Experimentation, Measurement.
Real-time TrafficCommunications | Many Traffic Anomalies | Short Timescales | SIGCOMM 2010 | Simple Detection Method |
| Added | 06 Dec 2010 |
| Updated | 06 Dec 2010 |
| Type | Conference |
| Year | 2010 |
| Where | SIGCOMM |
| Authors | Fernando Silveira, Christophe Diot, Nina Taft, Ramesh Govindan |
Comments (0)
Researcher Info
|
