2019
DOI: 10.1109/access.2019.2914303

An Adaptive Profile-Based Approach for Detecting Anomalous Traffic in Backbone

Abstract: Anomaly detection is the first step with a challenging task of securing a communication network, as the anomalies may indicate suspicious behaviors, attacks, network malfunctions, or failures. In this paper, we address the problem of not only detecting different anomalies, such as volume based (e.g., DDoS or Flash crowd) and spatial based (e.g., network scan), that arise simultaneously in the wild but also of attributing the anomalous point to a single-anomaly event causing it. Besides, we also tackle the prob…

Cited by 10 publications
(4 citation statements)
References 41 publications
“…Zang et al [9] started from the flow features and proposed a finer-grained and more comprehensive flow index set. The author extracted 9 single attributes and 39 dual attributes from multiple dimensions such as time, space, category and intensity to form the IP address traffic behavior features spectrum.…”
Section: A Researches On Ddos Detection and Defense Methods
Citation type: mentioning
confidence: 99%
“…Xiao-Dong Zang et al [19] proposed a comprehensive metric set to characterize IP traffic behavior: temporal, spatial, category, and intensity. The author proposed an ant colony optimization (ACO) based traffic profile for normal traffic and an updating strategy to reduce the false positive ratio.…”
Section: Related Work
Citation type: mentioning
confidence: 99%
“…The trigger mechanism applied on the controller's control plane effectively attacks but increases the controller's workload. Zang et al [29] proposed a finer-grained method that uses the flow features to detect an attack. It extracts the 39 different traffic features from the flow and improves the detection accuracy.…”
Section: Related Research
Citation type: mentioning
confidence: 99%