首页    期刊浏览 2024年11月27日 星期三
登录注册

文章基本信息

  • 标题:Detecting Distributed Network Traffic Anomaly with Network-Wide Correlation Analysis
  • 本地全文:下载
  • 作者:Li Zonglin ; Hu Guangmin ; Yao Xingmiao
  • 期刊名称:EURASIP Journal on Advances in Signal Processing
  • 印刷版ISSN:1687-6172
  • 电子版ISSN:1687-6180
  • 出版年度:2009
  • 卷号:2009
  • DOI:10.1155/2009/752818
  • 出版社:Hindawi Publishing Corporation
  • 摘要:

    Distributed network traffic anomaly refers to a traffic abnormal behavior involving many links of a network and caused by the same source (e.g., DDoS attack, worm propagation). The anomaly transiting in a single link might be unnoticeable and hard to detect, while the anomalous aggregation from many links can be prevailing, and does more harm to the networks. Aiming at the similar features of distributed traffic anomaly on many links, this paper proposes a network-wide detection method by performing anomalous correlation analysis of traffic signals' instantaneous parameters. In our method, traffic signals' instantaneous parameters are firstly computed, and their network-wide anomalous space is then extracted via traffic prediction. Finally, an anomaly is detected by a global correlation coefficient of anomalous space. Our evaluation using Abilene traffic traces demonstrates the excellent performance of this approach for distributed traffic anomaly detection.

国家哲学社会科学文献中心版权所有