The increasing number of network attacks causes growing problems for network operators and users. Thus, detecting anomalous traffic is of primary interest in IP networks management. In this paper we present a novel method for network anomaly detection, based on the idea of discovering Heavy Change (HC) in the distribution of the Heavy Hitters in the network traffic. To assess the validity of the proposed method, we have performed an extensive experimental evaluation phase, during which our system performance have been compared to a more classical HC-based approach. The performance analysis, presented in this paper, demonstrates the effectiveness of the proposed method.
Detecting Heavy Change in the Heavy Hitter Distribution of Network Traffic
CALLEGARI, CHRISTIAN;GIORDANO, STEFANO;PAGANO, MICHELE;
2011-01-01
Abstract
The increasing number of network attacks causes growing problems for network operators and users. Thus, detecting anomalous traffic is of primary interest in IP networks management. In this paper we present a novel method for network anomaly detection, based on the idea of discovering Heavy Change (HC) in the distribution of the Heavy Hitters in the network traffic. To assess the validity of the proposed method, we have performed an extensive experimental evaluation phase, during which our system performance have been compared to a more classical HC-based approach. The performance analysis, presented in this paper, demonstrates the effectiveness of the proposed method.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
