By Topic

Case study of an anomalous traffic detection on the aggregation points of enterprise network

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Yoohee Cho ; KT Network R&D Lab., Daejeon, South Korea ; Yihan Kim

Our network infrastructure is exposed to persistent threats of DDoS and many unknown attacks. These threats threaten the availability of ISP's network and services. This paper proposes network-based anomalous traffic detection method and presents an anomalous traffic detection system, its architecture and main function blocks. Every five minutes, traffic information and security events are gathered in a central server and new arrival traffic is compared with the already generated baseline traffic. This approach is exploring an anomalous traffic detection based on time series traffic modeling and analyzing traffic by time of day, day of week, and special days. To improve the accuracy of detection, we analyze flow information and security events. We developed an anomalous traffic detection system and deployed on the aggregation points of enterprise network.

Published in:

Advanced Communication Technology (ICACT), 2011 13th International Conference on

Date of Conference:

13-16 Feb. 2011