Sciweavers

NETWORKING
2004

Detecting Traffic Anomalies through Aggregate Analysis of Packet Header Data

14 years 1 months ago
Detecting Traffic Anomalies through Aggregate Analysis of Packet Header Data
If efficient network analysis tools were available, it could become possible to detect the attacks, anomalies and to appropriately take action to contain the attacks. In this paper, we suggest a technique for traffic anomaly detection based on analyzing correlation of destination IP addresses in outgoing traffic at an egress router. This address correlation data are transformed through discrete wavelet transform for effective detection of anomalies through statistical analysis. Our techniques can be employed for postmortem and real-time analysis of outgoing network traffic at a campus edge. Results from tracedriven evaluation suggest that proposed approach could provide an effective means of detecting anomalies close to the network. We also present data analyzing the correlation of port numbers as a means of detecting anomalies.
Seong Soo Kim, A. L. Narasimha Reddy, Marina Vannu
Added 31 Oct 2010
Updated 31 Oct 2010
Type Conference
Year 2004
Where NETWORKING
Authors Seong Soo Kim, A. L. Narasimha Reddy, Marina Vannucci
Comments (0)