상세정보
학술대회
Baseline Traffic Modeling for Anomalous Traffic Detection on Network Transit Points
- 저자
- 조유희, 강구홍, 김익균, 정기태
- 발행일
- 200909
- 출처
- Asia-Pacific Network Operations and Management Symposium (APNOMS) 2009 (LNCS 5787), v.5787, pp.385-394
- 출판사
- Springer
- 협약과제
- 09MS5300, 분산서비스거부(DDoS) 공격 대응 기술개발, 장종수
- 초록
- Remarkable concerns have been made in recent years towards detecting the network traffic anomalies in order to protect our networks from the persistent threats of DDos and unknown attacks. As a pre-process for many state-of-the-art attack detection technologies, baseline traffic modeling is a prerequisite step to discriminate anomalous flow from normal traffic. In this paper, we analyze the traffic from various network transit points on ISP backbone network and present a baseline traffic model using simple linear regression for the imported NetFlow data; bits per second and flows per second. Our preliminary explorations indicate that the proposed modeling is very effective to recognize anomalous traffic on the real networks. © 2009 Springer Berlin Heidelberg.
- KSP 제안 키워드
- Anomalous traffic detection, Attack Detection, Backbone Network, Netflow data, Network Traffic, Normal traffic, Real networks, Simple linear regression, Traffic anomalies, state-of-The-Art, traffic modeling