| Presentation | 2023-04-14 Network Anomaly Detection through Variable Granularity Traffic Analysis Shohei Kamamura, Yuya Takeda, Yuki Takei, Masato Nishiguchi, Yuhei Hayashi, Takayuki Fujiwara, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | In the Society 5.0, it is important to accurately measure and analyze the communication traffic flow in wide-area IP networks, and to be able to promptly detect communication anomalies for achieving sustainable social infrastructure. However, in wide-area IP networks, communication traffic flow is encapsulated by headers assigned by communication carriers, and thus is observed as more macroscopic information. Therefore, it is difficult to accurately detect the occurrence of anomalies for an individual communication flow because the flow observation results obtained by flow measurement protocols such as IPFIX are the result of superimposing various communication flows with different characteristics. In this paper, we propose a method of anomaly analysis and detection method from time-series traffic flows. First, we decompose superimposing traffic flows into individual flows by using our implementation of the Fast xFlow Proxy, which can decompose communication traffic flows to a fine granularity. Then, our algorithm detects anomalies from decomposed flows based on correlation analysis. We report the results of a simulation evaluation of the proposed method, which shows that it can achieve anomaly detection quickly and accurately. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | IP Network, / xFlow / Communication Traffic / Correlation Analysis / Anomaly Detection |
| Paper # | NS2023-9 |
| Date of Issue | 2023-04-06 (NS) |
| Conference Information | |
| Committee | NS |
|---|---|
| Conference Date | 2023/4/13(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Nihon University, Koriyama Campus + Online |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | Communication traffic theory, Traffic and quality evaluation, Network performance evaluation, QoS/QoE, Reliability and robustness, Traffic and quality management, AI and machine learning, Network and system operation management, High capacity, low latency, many connections, General |
| Chair | Tetsuya Oishi(NTT) |
| Vice Chair | Takumi Miyoshi(Shibaura Insti of Tech.) |
| Secretary | Takumi Miyoshi(NTT) |
| Assistant | Kotaro Mihara(NTT) |
| Paper Information | |
| Registration To | Technical Committee on Network Systems |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Network Anomaly Detection through Variable Granularity Traffic Analysis |
| Sub Title (in English) | |
| Keyword(1) | IP Network, |
| Keyword(2) | xFlow |
| Keyword(3) | Communication Traffic |
| Keyword(4) | Correlation Analysis |
| Keyword(5) | Anomaly Detection |
| 1st Author's Name | Shohei Kamamura |
| 1st Author's Affiliation | Seikei University(Seikei Univ.) |
| 2nd Author's Name | Yuya Takeda |
| 2nd Author's Affiliation | Seikei University(Seikei Univ.) |
| 3rd Author's Name | Yuki Takei |
| 3rd Author's Affiliation | NTT Network Innovation Center(NTT) |
| 4th Author's Name | Masato Nishiguchi |
| 4th Author's Affiliation | NTT Network Innovation Center(NTT) |
| 5th Author's Name | Yuhei Hayashi |
| 5th Author's Affiliation | NTT Network Innovation Center(NTT) |
| 6th Author's Name | Takayuki Fujiwara |
| 6th Author's Affiliation | NTT Network Innovation Center(NTT) |
| Date | 2023-04-14 |
| Paper # | NS2023-9 |
| Volume (vol) | vol.123 |
| Number (no) | NS-2 |
| Page | pp.pp.44-49(NS), |
| #Pages | 6 |
| Date of Issue | 2023-04-06 (NS) |