| Presentation | 2020-01-24 Study on enhancing the change of situation based on number of accessing countries Yuki Uemoto, Koji Okamura, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | One campus DNS server accesses nearly 180 countries in one day. For the purpose of investigating the cause of the very large number of accessing countries, we analyzed the communication flow of this server based on the change in the number of bytes, number of packets and number of accessing countries. As a result, we identified a period of time in which the number of accessing countries increased slightly compared to normal times.However, the change in the number of accessing countries was so small that it is difficult to distinguish between time periods when the number of accessing countries increased naturally. As a result of further analysis, it was found that the communication volume that normally concentrated in Japan was dispersed in a plurality of countries in this time period. Therefore, in order to express the scatter of the communication traffic on a country-by-country basis in the event of an abnormality, a variance that quantifies the scatter of data is used.However, depending on the number of accessing countries, it was difficult to make a distinction even in a method using variance.In this paper, we use the entropy whice used in the field of information theory to enhance the change in the rate of traffic on a country-by-country basis during abnormal situations.In this paper, we apply the proposed method to actual data and examine the effectiveness and validity of the proposed method. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Network flow data / Entropy / Anomaly detection |
| Paper # | IA2019-64 |
| Date of Issue | 2020-01-17 (IA) |
| Conference Information | |
| Committee | IA |
|---|---|
| Conference Date | 2020/1/24(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Kwansei Gakuin University, Tokyo Marunouchi Campus (Sapia Tower) |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | Senser Network, IoT, M2M, etc. |
| Chair | Hiroyuki Osaki(Kwansei Gakuin Univ.) |
| Vice Chair | Rei Atarashi(IIJ) / Toru Kondo(Hiroshima Univ.) / Hiroshi Yamamoto(Ritsumeikan Univ.) |
| Secretary | Rei Atarashi(Kwansei Gakuin Univ.) / Toru Kondo(KDDI Research) / Hiroshi Yamamoto(NEC) |
| Assistant | Kenji Ohira(Osaka Univ.) / Daiki Nobayashi(Kyushu Inst. of Tech.) / Ryohei Banno(Tokyo Inst. of Tech.) |
| Paper Information | |
| Registration To | Technical Committee on Internet Architecture |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Study on enhancing the change of situation based on number of accessing countries |
| Sub Title (in English) | |
| Keyword(1) | Network flow data |
| Keyword(2) | Entropy |
| Keyword(3) | Anomaly detection |
| Keyword(4) | |
| 1st Author's Name | Yuki Uemoto |
| 1st Author's Affiliation | Kyushu University(Kyushu Univ.) |
| 2nd Author's Name | Koji Okamura |
| 2nd Author's Affiliation | Kyushu University(Kyushu Univ.) |
| Date | 2020-01-24 |
| Paper # | IA2019-64 |
| Volume (vol) | vol.119 |
| Number (no) | IA-388 |
| Page | pp.pp.29-34(IA), |
| #Pages | 6 |
| Date of Issue | 2020-01-17 (IA) |