Anomaly Traffic Integrated Detection Model for Enterprise IT Network

doi:10.13190/jbupt.200906.28.qiuxs

JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM ›› 2009, Vol. 32 ›› Issue (6): 28-31.doi: 10.13190/jbupt.200906.28.qiuxs

• Papers • Previous Articles Next Articles

Anomaly Traffic Integrated Detection Model for Enterprise IT Network

QIU Xue-song;CHEN Jian;GUO Hai-sheng;GAO Zhi-peng

(1.State Key Laboratory of Networking and Switching Technology, Beijing Univers
ity of Posts and Telecommunications, Beijing 100876, China;
2.Network Management Product Department, Zhongxing Telecommunication Equipment
Limited, Nanjing 210012, China)

Received:2009-03-22 Revised:1900-01-01 Online:2009-12-28 Published:2009-12-28
Contact: QIU Xue-song

Abstract

Abstract:

A new algorithm of the network anomaly traffic detection by using time windows comparing method is proposed based on the feature of enterprise information technology (IT) network traffic. Then, combining the new algorithm, the present static detection algorithm and the dynamic detection algorithm, the integrated detection model of network anomaly traffic is proposed. The model can check the network anomaly traffic by comparison methods by different ways and from different views. Finally, the availability of model is validated by implementation and testing of model in real environment.

Key words: network anomaly traffic, anomaly detection, network management

QIU Xue-song;CHEN Jian;GUO Hai-sheng;GAO Zhi-peng. Anomaly Traffic Integrated Detection Model for Enterprise IT Network[J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2009, 32(6): 28-31.

[1]	HUO Wei-gang, WANG Xing, LIANG Rui. An Anomaly Detection Method Combining Mutual Information Estimation with Adversarial Autoencoder [J]. Journal of Beijing University of Posts and Telecommunications, 2021, 44(5): 28-34.
[2]	JI Xing, HUANG Tao, E Xin-hua, SUN Li. A DNS Query Anomaly Detection Algorithm Based on Log Information [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2018, 41(6): 83-89.
[3]	CHEN Mo, JIN Lei, GONG Xiang-yang, MAN Yi. Research on Fault Tracing Technology for 5G Mass Network Management Data [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2018, 41(5): 131-136,142.
[4]	QUI Xue-song, ZHANG Xun, SONG Yan-bin, ZHAO Bing, XU Si-ya. Two-Stage Traffic Anomaly Detection Method Based on Entropy and Linear Relation [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2018, 41(4): 56-62.
[5]	YING Fei-hao, XING Ning-zhe, JI Yu-tong, JI Chen-chen, LI Wen-jing. KTLAD Based Traffic Anomaly Detection Algorithm of Electric Power Data Network [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2017, 40(s1): 108-111.
[6]	LIU Tao, WANG Wen-dong, GONG Xiang-yang, QUE Xi-rong, CHENG Shi-duan. Updated Mechanism for in-Band Controlling Traffic of Software Defined Networking [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2016, 39(1): 24-28.
[7]	ZHU Kai, ZHANG Chao, ZHANG Kai, LI Wen-jing, MENG Luo-ming. Assessment of Users’ QoE for Mobile Internet Based on TCP Packet Layer Analysis [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2014, 37(s1): 40-45.
[8]	WANG Kai-xuan, YANG Zheng, QIU Xue-song. Algorithm of Fault Locating on Impact Analysis in Power Communications Network [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2014, 37(s1): 55-59.
[9]	ZHANG Le-jun, GUO Lin, ZHANG Jian-pei, YANG Jing, XIA Lei. Anomaly Detection for Distributed System Based on Measurement Attributes Analysis [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2013, 36(6): 69-73.
[10]	. An Optimized UserBehavior Clustering Analysis Based Service  Fault Detection Mechanism for Mobile Device [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2011, 34(s1): 46-50.
[11]	. A Dynamic Compuation Approach to Determining the  Threshold in Network Anomaly Detection [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2011, 34(2): 45-49.
[12]	. CADE Method for Autonomic NetworkManagement and Application Framework [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2009, 32(s1): 30-34.
[13]	. Interface of Configuring the Data Network Equipments and Application Scheme [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2009, 32(s1): 140-143.
[14]	. The Design and Implementation of Alarm RealTimeDisplay System Based on Web [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2009, 32(s1): 115-119.
[15]	. Comparasion of the System Management Based on WSDM, WBEM and SNMP [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2009, 32(s1): 134-139.

Anomaly Traffic Integrated Detection Model for Enterprise IT Network

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments