Influence of Data-Reduction Techniques on Traffic Anomaly Detection

Statistical techniques for detecting anomalous traffic can be an invaluable tool for the operators of large IP networks. However, the effectiveness of anomaly-detection schemes is extremely sensitive to the data-reduction methods used to manage the large volume of data and identify the statistical outliers. In this paper, the authors analyze the impact of sampling, temporal aggregation, and IP address anonymization on anomaly detection, focusing on one week of data for the Abilene and Geant backbones.

Provided by: Princeton University
Topic: Collaboration
Date Added: Jan 2011
Format: PDF
