Detection Network Anomalies Based on Packet and Flow Analysis

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Hong Wang Articles by Zhenghu Gong Articles by Qing Guan Articles by Baosheng Wang

Seventh International Conference on Networking (icn 2008)

April 13-April 18

ISBN: 978-0-7695-3106-9

	ASCII Text	x
	Hong Wang, Zhenghu Gong, Qing Guan, Baosheng Wang, "Detection Network Anomalies Based on Packet and Flow Analysis," International Conference on Networking, pp. 497-502, Seventh International Conference on Networking (icn 2008), 2008.

	BibTex	x
	@article{ 10.1109/ICN.2008.83, author = {Hong Wang and Zhenghu Gong and Qing Guan and Baosheng Wang}, title = {Detection Network Anomalies Based on Packet and Flow Analysis}, journal ={International Conference on Networking}, volume = {0}, year = {2008}, isbn = {978-0-7695-3106-9}, pages = {497-502}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICN.2008.83}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - International Conference on Networking TI - Detection Network Anomalies Based on Packet and Flow Analysis SN - 978-0-7695-3106-9 SP497 EP502 A1 - Hong Wang, A1 - Zhenghu Gong, A1 - Qing Guan, A1 - Baosheng Wang, PY - 2008 KW - anomaly detection KW - flow analysis KW - multistage filter VL - 0 JA - International Conference on Networking ER -

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ICN.2008.83

Anomalies generate vast amounts of bogus traffic, which can overwhelm the network and any attached hosts. Identifying Traffic anomalies rapidly and accurately is critical to network stability and usefulness. Most papers focus on analyzing the volume of data or packets on the network. However, legitimate network traffic may be bursty or highly variable, rendering such naive approaches ineffective[7]. We propose a novel method called MultiA to solve this problem. Rather than just looking at volumes of packets, MultiA intelligently adopted Multistage Filter and information entropy take into account the behavior of the network. The MultiA is scalable, automated and self-training. We find this technique effectively identifies network traffic anomalies while avoiding the high false alarms rate.

Index Terms:

anomaly detection, flow analysis, multistage filter

Citation:

Hong Wang, Zhenghu Gong, Qing Guan, Baosheng Wang, "Detection Network Anomalies Based on Packet and Flow Analysis," icn, pp.497-502, Seventh International Conference on Networking (icn 2008), 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.