Characteristics of network traffic flow anomalies
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
Network traffic anomaly detection based on packet bytes
Proceedings of the 2003 ACM symposium on Applied computing
Aberrant Behavior Detection in Time Series for Network Monitoring
LISA '00 Proceedings of the 14th USENIX conference on System administration
Characteristic analysis of internet traffic from the perspective of flows
Computer Communications
Anomaly detection in IP networks
IEEE Transactions on Signal Processing
Hi-index | 0.00 |
Remarkable concerns have been made in recent years towards detecting the network traffic anomalies in order to protect our networks from the persistent threats of DDos and unknown attacks. As a preprocess for many state-of-the-art attack detection technologies, baseline traffic modeling is a prerequisite step to discriminate anomalous flow from normal traffic. In this paper, we analyze the traffic from various network transit points on ISP backbone network and present a baseline traffic model using simple linear regression for the imported NetFlow data; bits per second and flows per second. Our preliminary explorations indicate that the proposed modeling is very effective to recognize anomalous traffic on the real networks.