A method of detecting network anomalies in cyclic traffic

Shigeaki Harada, Ryoichi Kawahara, Tatsuya Mori, Noriaki Kamiyama, Haruhisa Hasegawa, Hideaki Yoshino

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

We present a method of detecting network anomalies, such as DDoS (distributed denial of service) attacks and flash crowds, automatically in real time. We evaluated this method using measured traffic data and found that it successfully differentiated suspicious traffic. In this paper, we focus on cyclic traffic, which has a daily and/or weekly cycle, and show that the differentiation accuracy is improved by utilizing such a cyclic tendency in anomaly detection. Our method differentiates suspicious traffic that has different statistical characteristics from normal traffic. At the same time, it learns about cyclic large- volume traffic, such as traffic for network operations, and finally considers it to be legitimate.

Original languageEnglish
Title of host publicationGLOBECOM - IEEE Global Telecommunications Conference
Pages2057-2061
Number of pages5
DOIs
Publication statusPublished - 2008
Externally publishedYes
Event2008 IEEE Global Telecommunications Conference, GLOBECOM 2008 - New Orleans, LA
Duration: 2008 Nov 302008 Dec 4

Other

Other2008 IEEE Global Telecommunications Conference, GLOBECOM 2008
CityNew Orleans, LA
Period08/11/3008/12/4

Fingerprint

Denial-of-service attack

ASJC Scopus subject areas

  • Electrical and Electronic Engineering

Cite this

Harada, S., Kawahara, R., Mori, T., Kamiyama, N., Hasegawa, H., & Yoshino, H. (2008). A method of detecting network anomalies in cyclic traffic. In GLOBECOM - IEEE Global Telecommunications Conference (pp. 2057-2061). [4698171] https://doi.org/10.1109/GLOCOM.2008.ECP.396

A method of detecting network anomalies in cyclic traffic. / Harada, Shigeaki; Kawahara, Ryoichi; Mori, Tatsuya; Kamiyama, Noriaki; Hasegawa, Haruhisa; Yoshino, Hideaki.

GLOBECOM - IEEE Global Telecommunications Conference. 2008. p. 2057-2061 4698171.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Harada, S, Kawahara, R, Mori, T, Kamiyama, N, Hasegawa, H & Yoshino, H 2008, A method of detecting network anomalies in cyclic traffic. in GLOBECOM - IEEE Global Telecommunications Conference., 4698171, pp. 2057-2061, 2008 IEEE Global Telecommunications Conference, GLOBECOM 2008, New Orleans, LA, 08/11/30. https://doi.org/10.1109/GLOCOM.2008.ECP.396
Harada S, Kawahara R, Mori T, Kamiyama N, Hasegawa H, Yoshino H. A method of detecting network anomalies in cyclic traffic. In GLOBECOM - IEEE Global Telecommunications Conference. 2008. p. 2057-2061. 4698171 https://doi.org/10.1109/GLOCOM.2008.ECP.396
Harada, Shigeaki ; Kawahara, Ryoichi ; Mori, Tatsuya ; Kamiyama, Noriaki ; Hasegawa, Haruhisa ; Yoshino, Hideaki. / A method of detecting network anomalies in cyclic traffic. GLOBECOM - IEEE Global Telecommunications Conference. 2008. pp. 2057-2061
@inproceedings{eb88576c514b4798a830674b255e3b40,
title = "A method of detecting network anomalies in cyclic traffic",
abstract = "We present a method of detecting network anomalies, such as DDoS (distributed denial of service) attacks and flash crowds, automatically in real time. We evaluated this method using measured traffic data and found that it successfully differentiated suspicious traffic. In this paper, we focus on cyclic traffic, which has a daily and/or weekly cycle, and show that the differentiation accuracy is improved by utilizing such a cyclic tendency in anomaly detection. Our method differentiates suspicious traffic that has different statistical characteristics from normal traffic. At the same time, it learns about cyclic large- volume traffic, such as traffic for network operations, and finally considers it to be legitimate.",
author = "Shigeaki Harada and Ryoichi Kawahara and Tatsuya Mori and Noriaki Kamiyama and Haruhisa Hasegawa and Hideaki Yoshino",
year = "2008",
doi = "10.1109/GLOCOM.2008.ECP.396",
language = "English",
isbn = "9781424423248",
pages = "2057--2061",
booktitle = "GLOBECOM - IEEE Global Telecommunications Conference",

}

TY - GEN

T1 - A method of detecting network anomalies in cyclic traffic

AU - Harada, Shigeaki

AU - Kawahara, Ryoichi

AU - Mori, Tatsuya

AU - Kamiyama, Noriaki

AU - Hasegawa, Haruhisa

AU - Yoshino, Hideaki

PY - 2008

Y1 - 2008

N2 - We present a method of detecting network anomalies, such as DDoS (distributed denial of service) attacks and flash crowds, automatically in real time. We evaluated this method using measured traffic data and found that it successfully differentiated suspicious traffic. In this paper, we focus on cyclic traffic, which has a daily and/or weekly cycle, and show that the differentiation accuracy is improved by utilizing such a cyclic tendency in anomaly detection. Our method differentiates suspicious traffic that has different statistical characteristics from normal traffic. At the same time, it learns about cyclic large- volume traffic, such as traffic for network operations, and finally considers it to be legitimate.

AB - We present a method of detecting network anomalies, such as DDoS (distributed denial of service) attacks and flash crowds, automatically in real time. We evaluated this method using measured traffic data and found that it successfully differentiated suspicious traffic. In this paper, we focus on cyclic traffic, which has a daily and/or weekly cycle, and show that the differentiation accuracy is improved by utilizing such a cyclic tendency in anomaly detection. Our method differentiates suspicious traffic that has different statistical characteristics from normal traffic. At the same time, it learns about cyclic large- volume traffic, such as traffic for network operations, and finally considers it to be legitimate.

UR - http://www.scopus.com/inward/record.url?scp=67249116117&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=67249116117&partnerID=8YFLogxK

U2 - 10.1109/GLOCOM.2008.ECP.396

DO - 10.1109/GLOCOM.2008.ECP.396

M3 - Conference contribution

SN - 9781424423248

SP - 2057

EP - 2061

BT - GLOBECOM - IEEE Global Telecommunications Conference

ER -