Worm, DoS and DDoS attacks take place more and more frequently nowadays, posing a serious threat to Internet security. In this paper, we introduce the algorithm and design of ESTABD, an Internet backbone Early-bird System of Traffic Anomaly Detection Based. By observing raw variables such as per-protocol packet counts, TCP flags and the payload length distribution, ESTABD analyzes real-time traffic to discover abrupt traffic anomalies and generate warnings. A traffic anomaly detection algorithm based on Statistic Prediction theory is put forward, and the algorithm has been tested on real network data. Furthermore, an alert correlation algorithm and system policy are addressed in this paper to detect known worms and DoS attacks as well as potentially unknown threats.