261 0

Efficient Abnormal Traffic Detection Software Architecture for a Seamless Network

Title
Efficient Abnormal Traffic Detection Software Architecture for a Seamless Network
Other Titles
Efficient Abnormal Traffic Detection Software Architecture for a Seamless Network
Author
이병호
Keywords
Traffic measurement; software architecture; abnormal traffic; monitoring
Issue Date
2011-02
Publisher
한국인터넷정보학회
Citation
KSII Transactions on Internet and Information Systems, 2011, 5(2), P.313-329(17)
Abstract
To provide a seamless network to customers, Internet service providers must promptly detect and control abnormal traffic. One approach is to shorten the traffic information measurement cycle. However, performance degradation is inevitable if traffic measurement servers merely shorten the cycle and measure all traffic. This paper presents a software architecture that can measure traffic more frequently without degrading performance by estimating the level of abnormal traffic. The algorithm in the architecture estimates the values of the interface group objects in MIB by using the IP group objects thereby reducing the number of measurements and the size of measured data. We evaluated this architecture on part of Internet service provider's IP network. When the traffic was measured 5 times more than before, the CPU usage and TPS of the proposed scheme was 7% and 41% less than that of the original scheme while the false positive rate and false negative rate were 3.2% and 2.7% respectively.
URI
http://www.itiis.org/digital-library/manuscript/155https://repository.hanyang.ac.kr/handle/20.500.11754/71022
ISSN
1976-7277
DOI
10.3837/tiis.2011.02.004
Appears in Collections:
COLLEGE OF ENGINEERING[S](공과대학) > COMPUTER SCIENCE(컴퓨터소프트웨어학부) > Articles
Files in This Item:
There are no files associated with this item.
Export
RIS (EndNote)
XLS (Excel)
XML


qrcode

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

BROWSE