{"title":"Distributed stealthy traffic anomaly detection based on wavelet packet analysis","authors":"Zonglin Li, Guangmin Hu, Xingmiao Yao","doi":"10.1109/ICACIA.2009.5361117","DOIUrl":null,"url":null,"abstract":"Distributed anomalous traffic is difficult to detect, since it is simultaneously dispersed in many links and tend to not present any obvious anomalous features in a single link. This paper proposed a multi-scale spatial detection method against distributed stealthy traffic anomaly, it can deploy early-stage detection on key nodes of network. Multi-scale wavelet packet analysis is performed separately on links at which information is available on each node, with the aim of getting abnormal frequency ranges at different time sections and reconstructing signals with anomalous features. Then from a spatial point of view, evaluate deviation degree of high dimension vectors that composed of reconstructions by kernel density estimation as anomaly indicator. Detection results on both real anomalies of American education backbone network and synthetic distributed anomalies shows, our method performs better than existing method.","PeriodicalId":423210,"journal":{"name":"2009 International Conference on Apperceiving Computing and Intelligence Analysis","volume":"48 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-12-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 International Conference on Apperceiving Computing and Intelligence Analysis","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICACIA.2009.5361117","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citations: 0
Abstract
Distributed anomalous traffic is difficult to detect, since it is simultaneously dispersed across many links and tends not to present any obvious anomalous features on a single link. This paper proposes a multi-scale spatial detection method against distributed stealthy traffic anomalies, which can deploy early-stage detection on key nodes of the network. Multi-scale wavelet packet analysis is performed separately on the links for which information is available at each node, with the aim of identifying abnormal frequency ranges in different time sections and reconstructing signals with anomalous features. Then, from a spatial point of view, the deviation degree of the high-dimensional vectors composed of these reconstructions is evaluated by kernel density estimation and used as the anomaly indicator. Detection results on both real anomalies from the American education backbone network and synthetic distributed anomalies show that our method performs better than the existing method.