Identifying Anomalous Traffic Sources Using Flow Statistics

The authors propose a method of identifying anomalous traffic sources using flow statistics. They have investigated a way of detecting whether or not anomalies occur by observing the behavior of several time-series of flow statistics such as the number of flows. After detecting the occurrence of network anomalies, the authors need to identify the source of the anomalies. In this paper, they describe a method of identifying anomalous traffic sources. For this purpose, they apply data mining approaches such as the K-nearest neighbor method, naive Bayesian classifier, neural network, and support vector machine.