[vc_empty_space][vc_empty_space]
Time based anomaly detection using residual polynomial fitting on aggregate traffic statistic
Purwanto Y.a, Kuspriyantoa, Hendrawana, Rahardjo B.a
a Sekolah Tinggi Elektro Dan Komunikasi, Institut Teknologi Bandung, Bandung, Indonesia
[vc_row][vc_column][vc_row_inner][vc_column_inner][vc_separator css=”.vc_custom_1624529070653{padding-top: 30px !important;padding-bottom: 30px !important;}”][/vc_column_inner][/vc_row_inner][vc_row_inner layout=”boxed”][vc_column_inner width=”3/4″ css=”.vc_custom_1624695412187{border-right-width: 1px !important;border-right-color: #dddddd !important;border-right-style: solid !important;border-radius: 1px !important;}”][vc_empty_space][megatron_heading title=”Abstract” size=”size-sm” text_align=”text-left”][vc_column_text]© 2015 IEEE.Flashcrowd and Distributed Denial of Service (DDoS) almost has similar symptom across network and server. But security element such Intrusion Detection System (IDS) must handle both differently. If IDS cannot differentiate flashcrowd and DDoS attack, Quality of Service of legal user traffic in flashcrowd will degraded. So it is important for IDS to differentiate between flashcrowd and DDoS. Many earlier comparison method could sense the anomalous event, but not pay much attention to identify which flow was the anomaly. We presented residual calculation between windowed aggregate traffic statistical value combination. With residual calculation among statistical percentile 10th and mean, a high accuracy of flashcrowd and DDoS differentiation of synthetic anomalous event gained. This method could directly identify the anomalous flow and perform visual analysis to detect the start to end of both event.[/vc_column_text][vc_empty_space][vc_separator css=”.vc_custom_1624528584150{padding-top: 25px !important;padding-bottom: 25px !important;}”][vc_empty_space][megatron_heading title=”Author keywords” size=”size-sm” text_align=”text-left”][vc_column_text]Anomaly detection,Comparison methods,DDoS,Distributed denial of service,flashcrowd,Intrusion Detection Systems,Polynomial fittings,residual[/vc_column_text][vc_empty_space][vc_separator css=”.vc_custom_1624528584150{padding-top: 25px !important;padding-bottom: 25px !important;}”][vc_empty_space][megatron_heading title=”Indexed keywords” size=”size-sm” text_align=”text-left”][vc_column_text]anomaly detection,DDoS,flashcrowd,residual[/vc_column_text][vc_empty_space][vc_separator css=”.vc_custom_1624528584150{padding-top: 25px !important;padding-bottom: 25px !important;}”][vc_empty_space][megatron_heading title=”Funding details” size=”size-sm” text_align=”text-left”][vc_column_text][/vc_column_text][vc_empty_space][vc_separator css=”.vc_custom_1624528584150{padding-top: 25px !important;padding-bottom: 25px !important;}”][vc_empty_space][megatron_heading title=”DOI” size=”size-sm” text_align=”text-left”][vc_column_text]https://doi.org/10.1109/ICWT.2015.7449256[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/4″][vc_column_text]Widget Plumx[/vc_column_text][/vc_column_inner][/vc_row_inner][/vc_column][/vc_row][vc_row][vc_column][vc_separator css=”.vc_custom_1624528584150{padding-top: 25px !important;padding-bottom: 25px !important;}”][/vc_column][/vc_row]