Abstract
This paper focuses on detecting anomalies in Internet backbone traffic. To monitor traffic on a scale of several terabits per second, we need to divide the time series data of a traffic volume into many slices. Therefore, we need to monitor a lot of traffic data. However, adjusting an appropriate threshold for each traffic time series data individually is difficult. To solve this problem, we propose an anomaly-detection algorithm that does not need parameters to be set for each time series data. This algorithm operates acc-urately with low computational complexity. A side-by-side test demonstrated that the accuracy of the algorithm was higher than that of the conventional method. Moreover, the necessary learning period of the algorithm was shorter than that of the conventional method.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bollinger, J.: Bollinger On Bollinger Bands. McGraw-Hill, New York (2001)
Brutlag, J.D.: Aberrant Behavior Detection in Time Series for Network Monitoring. In: Proceedings of the USENIX Fourteenth System Administration Conference LISA XIV, New Orleans, LA (December 2000)
Barford, P., Kline, J., Plonka, D., Ron, A.: A Signal Analysis of Network Traffic Anomalies. In: Internet Measurement Workshop 2002 (2002)
Ishibashi, K., Kawahara, R., Mori, T., Kondoh, T., Asano, S.: Effect of sampling rate and monitoring granuality on anomaly detectability. In: 10th IEEE Global Internet Symposium (2007)
Kawahara, R., Mori, T., Kamiyama, N., Harada, S., Asano, S.: A study on detecting network anomalies using sampled flow statistics. In: IEEE SAINT 2007 Workshop (2007)
JPNAP WWW page, http://www.mfeed.co.jp/jpnap/
Oetiker, T.: The rrdtool manual, http://oss.oetiker.ch/rrdtool/
Brutlag, J.D.: Notes on RRDTOOL implementation of Aberrant Behavior Detection, http://cricket.sourceforge.net/aberrant/rrd_hw.htm
GNU R WWW page, http://www.r-project.org/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hirokawa, Y., Yamamoto, K., Harada, S., Kawahara, R. (2008). Detection of Leaps/sLumps in Traffic Volume of Internet Backbone. In: Ma, Y., Choi, D., Ata, S. (eds) Challenges for Next Generation Network Operations and Service Management. APNOMS 2008. Lecture Notes in Computer Science, vol 5297. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-88623-5_42
Download citation
DOI: https://doi.org/10.1007/978-3-540-88623-5_42
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-88622-8
Online ISBN: 978-3-540-88623-5
eBook Packages: Computer ScienceComputer Science (R0)