Case study of an anomalous traffic detection on the aggregation points of enterprise network

Case study of an anomalous traffic detection on the aggregation points of enterprise network

Our network infrastructure is exposed to persistent threats of DDoS and many unknown attacks. These threats threaten the availability of ISP's network and services. This paper proposes network-based anomalous traffic detection method and presents an anomalous traffic detection system, its archi...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Yoohee Cho, Yihan Kim
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Accuracy
Analytical models
anomaly
Internet
intrusion detection
IP networks
Monitoring
Security
Time series analysis
traffic monitoring
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Our network infrastructure is exposed to persistent threats of DDoS and many unknown attacks. These threats threaten the availability of ISP's network and services. This paper proposes network-based anomalous traffic detection method and presents an anomalous traffic detection system, its architecture and main function blocks. Every five minutes, traffic information and security events are gathered in a central server and new arrival traffic is compared with the already generated baseline traffic. This approach is exploring an anomalous traffic detection based on time series traffic modeling and analyzing traffic by time of day, day of week, and special days. To improve the accuracy of detection, we analyze flow information and security events. We developed an anomalous traffic detection system and deployed on the aggregation points of enterprise network.
ISSN:1738-9445