| Presentation | 2008-05-15 Evaluation for Detectability of Identifying Anomalous Traffic Using Delta Traffic Shigeaki HARADA, Ryoichi KAWAHARA, Noriaki KAMIYAMA, Tsuyoshi KONDOH, Keisuke ISHIBASHI, Shoichiro ASANO, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | To mitigate the anomalous traffic such as DDoS attacks, it is necessary to accurately identify the anomalous traffic sources. To realize this, we have so far proposed a method of identifying flow groups that cause large difference in traffic volume between before and after detecting occurrence of anomalies. In this method, we regard such flow groups as anomalous traffic sources. This method assumes that the traffic difference in each flow group occurs only when the group contains anomalous traffic sources. However, even when the group has only normal traffic, that is, it does not contain anomalous traffic sources, the traffic difference may occur due to the time variation in normal traffic. Thus, in this paper, we evaluate the effect of such variation on the accuracy of identifying anomalous traffic sources and also show the effectiveness of our method. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Anomalous traffic / Collateral damage / DDoS attack |
| Paper # | NS2008-1 |
| Date of Issue |
| Conference Information | |
| Committee | NS |
|---|---|
| Conference Date | 2008/5/8(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Network Systems(NS) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Evaluation for Detectability of Identifying Anomalous Traffic Using Delta Traffic |
| Sub Title (in English) | |
| Keyword(1) | Anomalous traffic |
| Keyword(2) | Collateral damage |
| Keyword(3) | DDoS attack |
| 1st Author's Name | Shigeaki HARADA |
| 1st Author's Affiliation | NTT Service Integration Laboratories, NTT Corporation() |
| 2nd Author's Name | Ryoichi KAWAHARA |
| 2nd Author's Affiliation | NTT Service Integration Laboratories, NTT Corporation |
| 3rd Author's Name | Noriaki KAMIYAMA |
| 3rd Author's Affiliation | NTT Service Integration Laboratories, NTT Corporation |
| 4th Author's Name | Tsuyoshi KONDOH |
| 4th Author's Affiliation | NTT Information Sharing Platform Laboratories, NTT Corporation |
| 5th Author's Name | Keisuke ISHIBASHI |
| 5th Author's Affiliation | NTT Information Sharing Platform Laboratories, NTT Corporation |
| 6th Author's Name | Shoichiro ASANO |
| 6th Author's Affiliation | National Institute of Informatics |
| Date | 2008-05-15 |
| Paper # | NS2008-1 |
| Volume (vol) | vol.108 |
| Number (no) | 31 |
| Page | pp.pp.- |
| #Pages | 6 |
| Date of Issue | |