Powered by OpenAIRE graph
Found an issue? Give us feedback
addClaim

Anomaly Detection Based on Available Bandwidth Estimation

Authors: Li He; Shunzheng Yu; Min Li;

Anomaly Detection Based on Available Bandwidth Estimation

Abstract

Identifying anomaly detection such as failure and attacks rapidly and accurately over the Internet holds interest of both network operators and researchers. Network behavior analysis (NBA) system is usually disposed over an intranet, passively collects SNMP data or flow data, and uses signature and anomaly mechanisms to identify and analyze interesting network activities, including traffic anomaly. In order to discover the anomalies of networks outside manageable areas, we need to use active probing techniques. In this paper we first present PQLink, a tool that allows end users to accurately measure the available bandwidth (AB) of arbitrary links on a network. PQLink uses a novel probing technique called trains of packet-quartets and only needs a single end point. Then we propose a novel approach for anomaly detection based on PQLink, which keeps monitoring the AB of vital links. Simulations validate the efficiency of PQLink and our anomaly detection approach.

Related Organizations
  • BIP!
    Impact byBIP!
    selected citations
    These citations are derived from selected sources.
    This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    2
    popularity
    This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
    Average
    influence
    This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    Average
    impulse
    This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
    Average
Powered by OpenAIRE graph
Found an issue? Give us feedback
selected citations
These citations are derived from selected sources.
This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Citations provided by BIP!
popularity
This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
BIP!Popularity provided by BIP!
influence
This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Influence provided by BIP!
impulse
This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
BIP!Impulse provided by BIP!
2
Average
Average
Average
Upload OA version
Are you the author of this publication? Upload your Open Access version to Zenodo!
It’s fast and easy, just two clicks!