Yudha Purwanto, Kuspriyanto, Hendrawan, B. Rahardjo
2015 1st International Conference on Wireless and Telematics (ICWT), published 2015-11-01. DOI: https://doi.org/10.1109/ICWT.2015.7449255
Statistical analysis on aggregate and flow based traffic features distribution
Anomaly traffic detection is one method of detecting attacks on the internet, especially Distributed Denial of Service (DDoS). Traffic analysis, which reveals the observed traffic pattern, is a key process because the anomaly decision is taken based on it. This research performed several statistical analyses of traffic datasets categorized as normal, DDoS attack and flashcrowd. The analysis was done at the aggregate and per-flow traffic levels, which showed similarities and differences in each category. A windowing technique was used to measure instantaneous statistical values. The results showed several statistical differences which could be used to categorize types of anomaly, especially to identify the normal threshold. The distribution of the distance from each flow to the normal average flow did not follow a Gaussian distribution.