Network traffic abnormality detection and positioning method based on symmetry degree sketch

A network traffic and anomaly detection technology, applied in the direction of data exchange network, digital transmission system, electrical components, etc., can solve problems such as inability to apply online, and achieve the effect of accurate host connection symmetry, length reduction, and high processing efficiency

Active Publication Date: 2017-05-10
XI AN JIAOTONG UNIV
View PDF3 Cites 24 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This method is currently mainly used for off

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network traffic abnormality detection and positioning method based on symmetry degree sketch
  • Network traffic abnormality detection and positioning method based on symmetry degree sketch
  • Network traffic abnormality detection and positioning method based on symmetry degree sketch

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0070] The present invention will be further described in detail below in conjunction with specific embodiments, which are explanations of the present invention rather than limitations.

[0071] The present invention is based on the following basic assumptions:

[0072] 1. The behavior of network users has inertia, and the characteristics of network traffic also have inertia;

[0073] 2. In adjacent time windows, the flow characteristics should not change greatly;

[0074] 3. The purpose of network design and development is information exchange. For a network user, when searching for relevant information on the Internet, there must be data packets in and out of both directions.

[0075] The present invention is based on the following basic definitions and theorems

[0076] Definition 1: In the time window T, the number of different destination hosts that a host actively connects to is called the outbound connection degree of the host.

[0077] Definition 2: In the time wind...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a network traffic abnormality detection and positioning method based on a symmetry degree sketch. An abnormal behavior is detected through adoption of connection symmetry degree. The detection granularity and precision are higher than those of a traditional method based on traffic feature statistics. The invention provides a calculation method-connection degree sketch of the connection symmetry degree, an IP address is divided into four segments according to structure features of the IP address, and each segment is mapped through adoption of a corresponding hash function group, so the length of a hash table is effectively reduced, a conflict generation probability is effectively reduced, and the relatively precise host connection symmetry degree is obtained. A method for obtaining a threshold value according to distribution condition of self features of the traffic is provided, and the obtained threshold value is changed in real time according to the network traffic features, so the features of the abnormal behavior can be captured relatively accurately, and a relatively good effect is obtained. Through design of a core hash function group of the sketch and utilization of the Chinese remainder theorem, an abnormal source is analyzed and solved, and a solution process is simple and efficient, and a result is accurate.

Description

technical field [0001] The invention belongs to the technical field of data stream analysis and processing, and relates to a method for detecting and locating network traffic anomalies based on Symmetry Sketch. Background technique [0002] With the development and application of computer network technology, network bandwidth and network traffic have increased rapidly, and massive network traffic data has brought great challenges to the real-time and effective measurement and monitoring of large-scale networks. Real-time effective network measurement is of great significance to network management, traffic planning, and network billing. For example, network operators need to count network bandwidth usage or traffic statistics for billing, and network managers need to update routers based on traffic statistics. routing table, and through the effective analysis of network traffic to discover and deal with abnormal network events in a timely manner. Therefore, the real-time mea...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/26
CPCH04L43/16H04L63/1425H04L63/1458
Inventor 秦涛刘艳雨王平辉王博沈壮管晓宏
Owner XI AN JIAOTONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap