トラヒック種別間の相関関係に基づいたネットワーク状態の評価方式(NW性能管理, NW品質, 一般)

Presentation	2005-11-17 A Network State Evaluation Method Based on Correlation between Types of Packets Junichi HIROSE, Yuji WAIZUMI, Hiroshi TSUNODA, Yoshiaki NEMOTO,
PDF Download Page	PDF download Page Link
Abstract(in Japanese)	(See Japanese page)
Abstract(in English)	In a network anomaly detection it is necessary to evaluate quantitatively network state. For example, as TCP SYN packets and TCP FIN packets almost have relation one to one in the network traffic, correlations exist. In this paper we propose to define network state by observing sorts of traffics and calculating correlation coefficients between types of packets each time. We think appearance of correlations which would not appear normaly presents anomaly state in the network. Through experiments using real network traffic data we report about the results.
Keyword(in Japanese)	(See Japanese page)
Keyword(in English)	Network Anomaly Detection / Correlation / Traffic
Paper #	NS2005-111
Date of Issue

Paper Information
Registration To	Network Systems(NS)
Language	JPN
Title (in Japanese)	(See Japanese page)
Sub Title (in Japanese)	(See Japanese page)
Title (in English)	A Network State Evaluation Method Based on Correlation between Types of Packets
Sub Title (in English)
Keyword(1)	Network Anomaly Detection
Keyword(2)	Correlation
Keyword(3)	Traffic
1st Author's Name	Junichi HIROSE
1st Author's Affiliation	Graduate School of Infomation Sciences, Tohoku University()
2nd Author's Name	Yuji WAIZUMI
2nd Author's Affiliation	Graduate School of Infomation Sciences, Tohoku University
3rd Author's Name	Hiroshi TSUNODA
3rd Author's Affiliation	Graduate School of Infomation Sciences, Tohoku University
4th Author's Name	Yoshiaki NEMOTO
4th Author's Affiliation	Graduate School of Infomation Sciences, Tohoku University
Date	2005-11-17
Paper #	NS2005-111
Volume (vol)	vol.105
Number (no)	405
Page	pp.pp.-
#Pages	4
Date of Issue