期刊名称:International Journal of Computer Trends and Technology
电子版ISSN:2231-2803
出版年度:2014
卷号:9
期号:6
页码:327-330
DOI:10.14445/22312803/IJCTT-V9P160
出版社:Seventh Sense Research Group
摘要:The application detects anomaly in network using techniques like histogram, cloning voting, filtering. To extract anomalous flows, one could build a model describing normal flow characteristics and use the model to identify deviating flows. We can compare flows of packets on network with previous flows, like new flows that were not previously observed or flows with significant increase/decrease in their volume. Identify an anomalous flow that combines and consolidates information from multiple histogrambased anomaly detectors [1] [4] [8]. Compared to other possible approaches. Build a histogram based detector that (i) applies histogram cloning[1][4], i.e., maintains multiple randomized histograms to obtain additional views of network traffic[3]; and (ii) uses the KullbackLeibler (KL) distance to detect anomalies.
