Study on the Netflow Rate of Flow Checks Technology
The paper presents a selected indicators and algorithms which the passed Netflow-based anomaly detection technology were analyzed and the Netflow data of the compus network was studied from different grain-size and different angle for a long time. Then integration-indicators and Time Window Comparision Algorithms were introduced Integration-indicators which remove the non-stationary factors can reflect the characteristics of network traffic in addition to the non-stationary factors. The anomaly detection system based on intergration-indicators and Time Window-Comparison Algorithm was produced. The whole system was divided into three parts, data collection, data processing, anomaly detection. Data collection module was responsible for the collection of Netflow data and optimizing database. The second part was to cut Netflow data to retain only the fields which anomaly detection required. The last part includes the extraction of indicators and Time Window Comparision Algorithm two sub-modules.
check extraordinarily Netflow traffic analysis
ZHANG Wenfang XU Chi
Architecture and Urban Planning School, Hunan City University Hunan City University Yiyang, P.R .Chi Network Center,Hunan City University Hunan City University Yivang, P.R .China
国际会议
海口
英文
338-342
2011-07-15(万方平台首次上网日期,不代表论文的发表时间)