A Real-Time Network Traffic Anomaly Detection Scheme Using NetFlow Data 


Vol. 12, No. 1, pp. 19-28, Feb. 2005
10.3745/KIPSTC.2005.12.1.19


  Abstract

Recently, interest in detecting network traffic anomalies has increased sharply, as a way to help protect computer networks from unknown attacks. In this paper, we propose a new anomaly detection scheme that applies simple linear regression analysis to NetFlow data, such as bits per second and flows per second, exported from a border router at a campus network. To verify the proposed scheme, we apply it to a real campus network and compare the results with the Holt-Winters seasonal algorithm. In particular, we integrate it into RRDtool to detect anomalies in real time.


  Cite this article

[IEEE Style]

K. H. Kang, J. S. Jang, K. Y. Kim, "A Real-Time Network Traffic Anomaly Detection Scheme Using NetFlow Data," The KIPS Transactions:PartC, vol. 12, no. 1, pp. 19-28, 2005. DOI: 10.3745/KIPSTC.2005.12.1.19.

[ACM Style]

Koo Hong Kang, Jong Soo Jang, and Ki Young Kim. 2005. A Real-Time Network Traffic Anomaly Detection Scheme Using NetFlow Data. The KIPS Transactions:PartC, 12, 1, (2005), 19-28. DOI: 10.3745/KIPSTC.2005.12.1.19.