A signal analysis of network traffic anomalies

Barford, Paul; Kline, Jeffery; Plonka, David; Ron, Amos

doi:10.1145/637201.637210

articleJan 1, 2002Closed access

A signal analysis of network traffic anomalies

PBPaul Barford JKJeffery Kline DPDavid Plonka ARAmos Ron

University of Wisconsin–Madison

Indexed incrossref

Abstract

Identifying anomalies rapidly and accurately is critical to the efficient operation of large computer networks. Accurately characterizing important classes of anomalies greatly facilitates their identification; however, the subtleties and complexities of anomalous traffic can easily confound this process. In this paper we report results of signal analysis of four classes of network traffic anomalies: outages, flash crowds, attacks and measurement failures. Data for this study consists of IP flow and SNMP measurements collected over a six month period at the border router of a large university. Our results show that wavelet filters are quite effective at exposing the details of both ambient and anomalous…

Citation impact

785

total citations

FWCI: 19.64
Percentile: 100%
References: 24

Citations per year

Authors

4

Topics & keywords

Topics

Keywords

Anomaly detection
Computer science
Anomaly (physics)
Router
Wavelet
Real-time computing
Simple Network Management Protocol
Filter (signal processing)

UN Sustainable Development Goals

Sustainable cities and communities

No related works found for this paper.