Detecting Distributed Network Traffic Anomaly with Network-Wide Correlation Analysis
Distributed network traffic anomaly refers to a traffic abnormal behavior involving many links of a network and caused by the same source (e.g., DDoS attack, worm propagation). The anomaly transiting in a single link might be unnoticeable and hard to detect, while the anomalous aggregation from many...
Main Authors: | , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
SpringerOpen
2008-12-01
|
Series: | EURASIP Journal on Advances in Signal Processing |
Online Access: | http://dx.doi.org/10.1155/2009/752818 |