Advertisement

High-Order Terminal Sliding-Mode Observers for Anomaly Detection

  • Yong Feng
  • Fengling Han
  • Xinghuo Yu
  • Zahir Tari
  • Lilin Li
  • Jiankun Hu
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7389)

Abstract

This paper proposes a high-order terminal sliding-mode observer used for the anomaly detection in TCP/IP networks. It can track the fluid-flow model representing the TCP/IP behaviors in a router level. A smooth control signal of the observer can be generated based on the high-order sliding-mode technique for estimation of the queue length dynamics in the router. The distributed anomaly in the TCP/IP network incurred by an abnormal behavior can be detected using the smooth control signal. The proposed scheme requires only the average queue length in a router for anomaly detection. The simulations are presented to verify the effectiveness of the proposed method.

Keywords

TCP/IP network model congestion control observers sliding mode control 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Labit, Y., Gouaisbaut, F., Ariba, Y.: Network Anomaly Estimation for TCP/AQM netWorks Using an Observer. In: The Third International Workshop on Feedback Control Implementation and Design in Computing Systems and Network, Annapolis, USA, pp. 63–68 (2008)Google Scholar
  2. 2.
    Steinwart, I., Hush, D., Scovel, C.: A Classification Framework for Anomaly Detection. Journal of Machine Learning Research 6, 211–232 (2005)MathSciNetzbMATHGoogle Scholar
  3. 3.
    Ryu, R., Rump, C., Qiao, C.: Advances in Active Queue Management (AQM) based TCP Congestion Control. Telecommuniaction Systems 4, 317–351 (2004)CrossRefGoogle Scholar
  4. 4.
    Ariba, Y., Gouaisbaut, F., Rahme, S., Labit, Y.: Robust Control Tools for Traffic Monitoring in TCP networks. In: 18th IEEE International Conference on Control Applications, Saint Petersburg, Russia, pp. 525–530 (2009)Google Scholar
  5. 5.
    Hollot, C., Misra, V., Towsley, D., Gong, W.: On Designing Improved Controllers for AQM Routers Supporting TCP Flows. In: IEEE INFOCOM, Anchorage, AK, USA, vol. 3, pp. 1726–1734 (2001)Google Scholar
  6. 6.
    Hollot, C., Misra, V., Towsley, D., Gong, W.: Analysis and Design of Controllers for AQM Routers Supporting TCP Flows. IEEE Trans. Automatic Control 47(6), 945–959 (2002)MathSciNetCrossRefGoogle Scholar
  7. 7.
    Ariba, Y., Gouaisbaut, F., Labit, Y.: Feedback Control for Router Management and TCP/IP Network Stability. IEEE Trans. Network and Service Management 6(4), 255–266 (2009)CrossRefGoogle Scholar
  8. 8.
    Kind, A., Stoecklin, M.P., Dimitropoulos, X.: Histogram-based Traffic Anomaly Detection. IEEE Trans. Network and Service Management 6(2), 1–12 (2009)Google Scholar
  9. 9.
    Misra, V., Gong, W., Towsley, D.: Fluid-based Analysis of a Network of AQM Routers Supporting TCP Flows with an Application to RED. In: ACM/SIGCOMM, Stockholm, Sweden, vol. 30(4), pp. 151–160 (2000)Google Scholar
  10. 10.
    Firoiu, V., Borden, M.: A Study of Active Queue Management for Congestion Control. In: IEEE INFOCOM, Tel Aviv, Israel, vol. 3, pp. 1435–1444 (2000)Google Scholar
  11. 11.
    Hollot, C., Misra, V., Towsley, D., Gong, W.: A Control Theoretic Analysis of RED. In: IEEE INFOCOM, Anchorage, AK, USA, vol. 3, pp. 1510–1519 (2001)Google Scholar
  12. 12.
    Ariba, Y., Labit, Y., Gouaisbaut, F.: Network Anomaly Estimation for TCP/AQM Networks Using an Observer. In: 3rd ACM International Workshop on Feedback Control Implementation and Design in Computing Systems and Networks, Annapolis, USA, pp. 45–50 (2008)Google Scholar
  13. 13.
    Rahme, S., Labit, Y., Gouaisbaut, F.: Sliding Mode Observer for Anomaly Detection in TCP/AQM Networks. In: The Second Inter. Conf. on Communication Theory, Reliability, and Quality of Service, Colmar, France, pp. 113–118 (2009)Google Scholar
  14. 14.
    Rahme, S., Labit, Y., Gouaisbaut, F.: An Unknown Input Sliding Observer for Anomaly Detection in TCP/IP Networks. In: 2009 International Conference on Ultra Modern Telecommunications and Workshops, St. Petersburg, Russia, pp. 1–7 (2009)Google Scholar
  15. 15.
    Rahme, S., Labit, Y., Gouaisbaut, F., Floquet, T.: Second Order Sliding Mode Observer for Anomaly Detection in TCP Networks: From Theory to Practice. In: Proc. of 49th IEEE Conf. on Decision and Control, Atlanta, GA, pp. 5120–5125 (2010)Google Scholar
  16. 16.
    Feng, Y., Han, F., Yu, X., Tari, Z., Li, L., Hu, J.: Terminal Sliding Mode Observer for Anomaly Detection in TCP/IP Networks. In: 2011 International Conference on Computer Science and Network Technology (ICCSNT), Harbin, China, vol. 1, pp. 617–620 (2011)Google Scholar
  17. 17.
    Feng, Y., Yu, X., Man, Z.: Non-singular Adaptive Terminal Sliding Mode Control of Rigid Manipulators. Automatica 38(12), 2159–2167 (2002)MathSciNetzbMATHCrossRefGoogle Scholar
  18. 18.
    Feng, Y., Han, X., Wang, Y., Yu, X.: Second-order Terminal Sliding Mode Control of Uncertain Multivariable Systems. International Journal of Control 80(6), 856–862 (2007)MathSciNetzbMATHCrossRefGoogle Scholar
  19. 19.
    Feng, Y., Zheng, J., Yu, X., Truong, N.V.: Hybrid Terminal Sliding-mode Observer Design Method for a Permanent-magnet Synchronous Motor Control System. IEEE Trans. Industrial Electronics 56(9), 3424–3431 (2009)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Yong Feng
    • 1
    • 2
  • Fengling Han
    • 3
  • Xinghuo Yu
    • 1
  • Zahir Tari
    • 3
  • Lilin Li
    • 1
  • Jiankun Hu
    • 4
  1. 1.School of Electrical and Computer EngineeringRMIT UniversityMelbourneAustralia
  2. 2.Department of Electrical EngineeringHarbin Institute of TechnologyHarbinChina
  3. 3.School of Computer Science and Information TechnologyRMIT UniversityMelbourneAustralia
  4. 4.School of Engineering and Information TechnologyUniversity of New South Wales at the Australian Defence Force AcademyCanberraAustralia

Personalised recommendations