Detecting and identifying network anomalies by component analysis

Authors:
Le The Quyen;Marat Zhanikeev;Yoshiaki Tanaka
Affiliations:
Global Information and Telecommunication Institute, Waseda University, Tokyo, Japan;Global Information and Telecommunication Institute, Waseda University, Tokyo, Japan;Global Information and Telecommunication Institute, Waseda University, Tokyo, Japan
Venue:
APNOMS'06 Proceedings of the 9th Asia-Pacific international conference on Network Operations and Management: management of Convergence Networks and Services
Year:
2006

Citing 1
Cited 1

Diagnosing network-wide traffic anomalies

Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications

Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments

Computer Networks: The International Journal of Computer and Telecommunications Networking

Quantified Score

Hi-index	0.00

Visualization

Abstract

Many research works address detection and identification of network anomalies using traffic analysis. This paper considers large topologies, such as those of an ISP, with traffic analysis performed on multiple links simultan-eously. This is made possible by using a combination of simple online traffic parameters and specific data from headers of selective packets. Even though large networks may have many network links and a lot of traffic, the analysis is simplified with the usage of Principal Component Analysis (PCA) subspace method. The proposed method proves that aggregation of such traffic profiles on large topologies allows identification of a certain set of anomalies with high level of certainty.