Nine years of observing traffic anomalies: Trending analysis in backbone networks
- Authors
- Won, Youngjoon; Fontugne, Romain; Cho, Kenjiro; Esaki, Hiroshi; Fukuda, Kensuke
- Issue Date
- May-2013
- Publisher
- IEEE
- Citation
- Proceedings of the 2013 IFIP/IEEE International Symposium on Integrated Network Management, IM 2013, pp.636 - 642
- Indexed
- SCOPUS
- Journal Title
- Proceedings of the 2013 IFIP/IEEE International Symposium on Integrated Network Management, IM 2013
- Start Page
- 636
- End Page
- 642
- URI
- https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/162827
- ISSN
- 0000-0000
- Abstract
- We present the longitudinal trending analysis of traffic anomalies on a trans-Pacific backbone network over nine years. Throughout our analysis, we try to answer several questions: how frequent do such anomalies appear and how long do they last? Does a set of anomalous hosts occur correspondingly? We answer these by applying the state-of-the-art anomaly detectors to (un)anonymized packet traces and look into interesting insights from the long-term analysis. The key observations are as follow. The sources of anomalies are decreasing over the recent years, but take a significant portion of traffic volume during the measurement period (i.e., 0.03% of all IP addresses take upto 30% of traffic volume). The frequency analysis reveals that there is a clear periodicity of anomalies and anomalous host occurrences in various durations. Finally, we find the influences of anomaly detectors to the overall trending and how they differ from each other.
- Files in This Item
-
Go to Link
- Appears in
Collections - 서울 공과대학 > 서울 정보시스템학과 > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.