On the self-similar nature of Ethernet traffic (extended version)
IEEE/ACM Transactions on Networking (TON)
Wide area traffic: the failure of Poisson modeling
IEEE/ACM Transactions on Networking (TON)
Self-similarity in World Wide Web traffic: evidence and possible causes
IEEE/ACM Transactions on Networking (TON)
Real-time estimation of the parameters of long-range dependence
IEEE/ACM Transactions on Networking (TON)
Random Data: Analysis and Measurement Procedures
Random Data: Analysis and Measurement Procedures
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue: Long range dependent trafic
Practical test-functions generated by computer algorithms
ICCSA'05 Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part III
Wavelet analysis of long-range-dependent traffic
IEEE Transactions on Information Theory
Hi-index | 0.00 |
Abnormal traffic detection is a difficult problem in network management and network security. This paper proposes an abnormal traffic detection method based on a continuous LoSS (loss of self-similarity) through comparing the difference of Hurst parameter distribution under the network normal and abnormal traffic time series conditions. Due to the needs of fast and high accuracy for abnormal traffic detection, the on-line version of the Abry-Veitch wavelet-based estimator of the Hurst parameter in large time-scale is proposed, and the detection threshold could self-adjusted according to the extent of network traffic self-similarity under normal conditions. This work also investigates the effect of the parameters adjustment on the performance of abnormal traffic detection. The test results on data set from Lincoln lab of MIT demonstrate that the new abnormal traffic detection method has the characteristics of dynamic self-adaptive and higher detection rate, and can be implemented in a real-time way.