By Topic

NOMAD: traffic-based network monitoring framework for anomaly detection

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Talpade, R. ; Telcordia Technol., Morristown, NJ, USA ; Kim, Gitae ; Khurana, S.

Network performance monitoring is essential for managing a network efficiently and for ensuring reliable operation of the network. In this paper we introduce a scalable network monitoring framework, (NOMAD), that detects network anomalies through the characterization of the dynamic statistical properties of network traffic. NOMAD relies on high resolution measurements and on-line analysis of network traffic to provide real-time alarms in the incipient phase of network anomalies. It incorporates a suite of anomaly identification algorithms based on path changes, flow shift, and packet delay variance, and relies extensively on IP packet header information, such as TTL, source/destination address and packet length, and router's timestamps. NOMAD can be deployed in a single backbone router or incrementally in a regional or large scale network for detecting and locating network anomalies by correlating spatial and temporal network state information

Published in:

Computers and Communications, 1999. Proceedings. IEEE International Symposium on

Date of Conference:

1999