• KSII Transactions on Internet and Information Systems
    Monthly Online Journal (eISSN: 1976-7277)

Efficient Abnormal Traffic Detection Software Architecture for a Seamless Network

Vol. 5, No. 2, February 27, 2011
10.3837/tiis.2011.02.004, Download Paper (Free):

Abstract

To provide a seamless network to customers, Internet service providers must promptly detect and control abnormal traffic. One approach is to shorten the traffic information measurement cycle. However, performance degradation is inevitable if traffic measurement servers merely shorten the cycle and measure all traffic. This paper presents a software architecture that can measure traffic more frequently without degrading performance by estimating the level of abnormal traffic. The algorithm in the architecture estimates the values of the interface group objects in MIB by using the IP group objects thereby reducing the number of measurements and the size of measured data. We evaluated this architecture on part of Internet service provider’s IP network. When the traffic was measured 5 times more than before, the CPU usage and TPS of the proposed scheme was 7% and 41% less than that of the original scheme while the false positive rate and false negative rate were 3.2% and 2.7% respectively.


Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2015)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article

[IEEE Style]
D. Lee and B. H. Rhee, "Efficient Abnormal Traffic Detection Software Architecture for a Seamless Network," KSII Transactions on Internet and Information Systems, vol. 5, no. 2, pp. 313-329, 2011. DOI: 10.3837/tiis.2011.02.004.

[ACM Style]
Dongcheul Lee and Byung Ho Rhee. 2011. Efficient Abnormal Traffic Detection Software Architecture for a Seamless Network. KSII Transactions on Internet and Information Systems, 5, 2, (2011), 313-329. DOI: 10.3837/tiis.2011.02.004.

[BibTeX Style]
@article{tiis:19932, title="Efficient Abnormal Traffic Detection Software Architecture for a Seamless Network", author="Dongcheul Lee and Byung Ho Rhee and ", journal="KSII Transactions on Internet and Information Systems", DOI={10.3837/tiis.2011.02.004}, volume={5}, number={2}, year="2011", month={February}, pages={313-329}}