SlideShare una empresa de Scribd logo

G03403041052

T
theijes

The International Journal of Engineering & Science is aimed at providing a platform for researchers, engineers, scientists, or educators to publish their original research results, to exchange new ideas, to disseminate information in innovative designs, engineering experiences and technological skills. It is also the Journal's objective to promote engineering and technology education. All papers submitted to the Journal will be blind peer-reviewed. Only original articles will be published. The papers for publication in The International Journal of Engineering& Science are selected through rigorous peer reviews to ensure originality, timeliness, relevance, and readability.

IngenieríaTecnología
1 de 12
Descargar para leer sin conexión
The International Journal Of Engineering And Science (IJES) || Volume || 3 || Issue || 4 || Pages || 41-52 || 2014 || ISSN (e): 2319 – 1813 ISSN (p): 2319 – 1805 www.theijes.com The IJES Page 41 Analysis of Pattern Recognition Techniques for Detecting Traffic Anomalies Maksha D.D. & Zirra P.B 1 Adamawa State University, Mubi, PMB 25 Mubi Adamawa state-Nigeria dmaksha@yahoo.com -------------------------------------------------------------ABSTRACT-------------------------------------------------------- Network traffic anomalies stand for a large number of the internet traffic and highly affect the performance of the network resources. Detecting these threats is a time consuming task and is laborious that network operators face daily. In spite of the advantages of these methods, researchers have reported several common drawbacks that affect their use in practice. The generation of packet header, IP addresses as well as the communication between client and the server were achieved through simulation. A server and a client were designed in Java programming language using server and socket classes. Hough transform is then applied to the picture in order to obtain a Hough space. From the Hough space, points that constitute a line in the picture, based on the threshold that are identified. The lines drawn in the Hough space representing the points that intersects. These straight lines indicate abnormal behavior in the simulated network communication. They are the identified anomalies in the traffic. Statistical method has common drawback as lack of ground truth data and approximate evaluation of the method. This method take advantage compared to other method which stated that graphical representation reduce the dimension of network traffic and provide intuitive output as it is not possible with current statistical method. Therefore network operators should adopt the current method of detecting anomaly which in turn increases performance and quest for development. Keyword: Network Traffic, Data, Anomaly, Hough Space --------------------------------------------------------------------------------------------------------------------------------------- Date of Submission: 25 March 2014 Date of Publication: 20 April 2014 --------------------------------------------------------------------------------------------------------------------------------------- I. INTRODUCTION The internet has become a common medium for communication and information exchange, providing many attractive services for ordinary users. A victim of its own success, internet traffic is still growing at a fast rate and contains an increasing amount of anomalies such as configuration failures and attacks. These improper uses of network resource consume bandwidth and adversely affect the performance of networks. Thus, these anomalies penalize legitimate applications from using an optimal amount of network resources. Since the core of the internet is particularly deteriorated by anomalous traffic, quick and accurate detection of anomalies in the backbone traffic has been a hot topic[6].Also, the success of internet services result in a constant network traffic growth along with an increasing number of anomalies such as remote attacks (examples; Denial Of Service (DOS) attack, port scan, worm spreading, phishing, hackers, virus,) bad configuration, and interception of data on network. These anomalies represent a large fraction of the internet traffic that is unwanted and penalizes legitimate users from accessing „optimal network resources. Therefore, detecting and diagnosing these threats are crucial tasks for network operators that are trying to maintain the internetresources made available. Due to the important traffic volume involved, quick and accurate identification of anomalies in the internet traffic requires automation. Intensive studies have been carried out in this field but the proposed anomaly detection methods still have important drawbacks that affect their practical usage in real environment[6]. Detecting Anomalies The pattern-recognition based detector takes advantage of image processing techniques to provide intuitive output and parameter set.The main idea of the detection method is to monitor the traffic in Two Dimensional (2-D) pictures where anomalies appear as “line” which is easily identifiable using a pattern recognition technique called Hough transform. This method overcomes several shortcomings of current statistical-based anomaly detectors; similarly to the statistical base detector it requires constant attention from network operators to be optimally used[5].
Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 42 Packed Header Data Packet is a small group of digits having a well-defined format whichcan form part of complete digital message [2]. A whole setof such packets constitute the message. Forms of signal encoding may thenbe used which facilitate automatic error detection. Packet switching is amethod of transmitting a digital message as a series of short numbered frame across communication system. Also packet may be described as a buffer of certain size, full of data that is transmitted from one machine to another. This data buffer is transmitted differently depending on which “data link” network in use, such as Ethernet, Fibre Distributed Data Interface (FDDI), toke-ring, Wide Area Network (WAN), point to point links and so forth. The end result is the same entire bundle called a buffer, is transmitted from one machine to another and arrives at the destination intact (hopefully).However, header enables long message to be broken down into a large number of packages before transmission and correctly re-assemble it at its destination. From network point of view, a protocol header contains information that is specific for that protocol. II. STATEMENT OF THE PROBLEM Statistical analysis is an appealing approach to solve the anomaly detection problem. However, resulting anomaly detections suffer from high error rate as investigating the output of statistical tools and tuning their parameter set in accordance to the analyzed network traffic is challenging. Hence pattern-recognition based detector is reliable detectors that can be use conveniently and successfully, with good output. Also by applying a pattern-recognition techniques using Two Dimensional (2-D), it will be able to detect new and unknown anomalies. It report traffic that is featuring anomalous behaviour. III. AIM AND OBJECTIVES OF THE STUDY The aim of this research is to develop an anomaly detector through packet data header using image processing techniques of 2-D transformation.The objectives include: [1] To produce a means of detecting anomalies in Internet network traffic. [2] To detect some issues (e.g. TCP SYN flood attack) that occurs in TCP protocol before it affects the network system. IV. RELATED WORK The methods of detecting anomalies in internet traffic data are numerous. Different features of the internet can be used to accomplish this task. The internet traffic feature chosen for this research is the packet header data. Using that information, it is easy to plot this information into the graph and detect any unusual pattern referred to as an anomaly.A set of flows altering the distribution of at least one of the four following traffic features: the sources IP address, destination IP address, source port and destination port can be investigated. This has sprung an areaof research that has recently received a lot of attention [7].Internet traffic anomaly detection aims at identifying anomalous traffic that is transmitting in the core of the internet, where the monitored traffic is asymmetric due to routing policies, thus flows are incomplete[4].There are two approaches to anomaly detection: Network intrusion detection and Internet traffic anomaly detection[5]. The goal m intrusion detection is toprotect a network from remote threats. Thus the detection method is monitoring the traffic at the edge of the protected network where complete flows and packet pay load are usually accessible. In contrast, internet traffic anomaly detection aim at identifying anomalous traffic that is transmitted in the core of the internet where the monitored traffic is asymmetric due to routing policies, thus flows are incomplete [5]. The work is dedicated exclusively to internet traffic anomalydetection, thus in this dissertation anomaly detection refer only to this specific domain. Volume based approaches are monitoring the number of bytes, packets or flows transmitted over time and aims at detecting abnormal variance that represent abusive usage of network resources or resource failure. Several methods have been proposed to effectively identify local and global traffic volume variances that stand for respectively short and long lasting anomalies.[1] proposed a method base on wavelet that inspects the traffic volume at different frequencies. Their approach makes use of the wavelet analysis to dissect the traffic into three distinct signals representing local, normal and global variance of the traffic. The decomposed signal are analyzed by a detection procedure that finds the irregularities and reports the period of time they occur. Since the three signals represent the traffic at different time scales, this approach is able to report short and long lasting anomalies. Nevertheless, as the whole traffic is aggregated into a single signal diagnosing the detected anomalies is challenging and anomalous are left unknown.[6]proposed a detection method that detect and diagnoses anomalies in large scale works. First, their approach monitors the traffic using a matrix in which each cell represents the traffic volume of alink of the network at a certain time interval. Second, the main behaviour of the traffic is extracted from his matrix with the Principal Component Analysis (PCA) and anomalies are detected in residual traffic. Finally, the origin and destination nodes of the network that are affected by the
Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 43 anomalous traffic are identified and reported.Anomaly detectors themselves have to be evaluated. This is done so as to compare their efficiencies and determine the most suitable anomaly detector for any given condition. Providing ground truth data evaluate anomaly a detector is a challenge that has been addressed several times in the past. We distinguish two different approaches to evaluate an anomaly detector, namely using simulated or real traffic [3].According to [4] providing real internet traffic for the evaluation of anomaly detectors is challenging for two main reasons: [1] Labeling anomalous traffic in real internet traffic is difficult because of the lack of truth worthy method and the traffic volume that makes manual labeling unpractical. [2] Proving internet traffic is inherently problematic because of the privacy issues. recently proposed a data set containing real backbone traffic where anomalies are precisely located. In this work the traffic is captured at different points in the used network, which is supposed to be anomaly free, and the researchers generate two kinds of anomalies; flash crowd and Distributed Denial of Service (DDOS) attacks. Their experiment consisted of different scenarios where the intensity of the anomalies varies. Thus, the sensitivity of the detector to DDOS and flash crowd is easily identified. However, there are only a few kinds of anomaliesin their data and they are not a realistic representation of the diverse anomalies found on the internet. According to [4] adeeper understanding of the Measurement and Analysis on the WIDE Internet (MAWI) traffics is achieved by analyzing the traffic with three anomaly detectors based on different theoretical background, These are: [1] Principal component analysis (PCA) [2] Gamma modeling [3] Kullback-leiblerdivergence Statistical sequential change-point detection has been applied successfully to network anomaly detection;[11] characterized network anomalies with management Information Size Base (MIB) variable undergoing abrupt changes in a correlated fashion.Given a set of MIB variables sampled at a fixed time-interval, the authors compute a network health function by combining the abnormality indicators of each individual MIB variable. This network health function can be used to determine whether there is an anomaly in the network. [12]detect SYN flooding attacks based on the dynamics of the differences between the number of SYN and FIN packets, which is model as a stationary periodic random process. The non - parametric cumulative sum (CUSUM) method is then used to detect the abrupt changes in the observed time series and thus detect the SYN flooding attacks.[10] develop a traffic anomaly detection scheme based on Kalman Filter. Unlike [6] process the link data using a Kalman Filter rather than PCA analysis to predict the traffic matrix one step 4 into the future. After the prediction is made, the actual traffic matrix is estimated based on new link data. Than the difference between theprediction and the actual traffic volume anomaly based on different threshold‟s methods. Kalman filter has been applied successful to a wide variety of problems involving the estimation of dynamics of linear system from incomplete data. Thus, it is a promising tool for network anomaly detection together with other more complicated models of non-linear dynamics. V. METHODOLOGY The two traffic features to be considered are: [1] Source IP address [2] Destination IP address The reason for the use of only two parameters for our proposed anomaly detection is because the two are sufficient to implement our detector. Some other parameters like source and destination ports cannot be used, because time of recording the data stream can also be used especially when evaluating the efficiencies of various anomaly detectors. However, for this study the destination and source IP addresses are deemed sufficient in order to achieve our aim and objectives. Translating the collection of these source and destination IP addresses over a period of time will require performing the following. [1] We make the horizontal axis to represent time. [2] The vertical axis to represent either the source IP or destination IP addresses. [3] The shade of the plot (whether dark or light) indicates the amount of packets. [4] The apparent “lines” represent excessive use of traffic features.
Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 44 Operation of the system Anomaly Detection Hough Transform Algorithm for 2-D Scatter Plots To detect any anomaly in form of line or edges, Hough Transform Algorithm is employed as follows: [1] Take a point ( 11 , yx ) in the image, all lines which passes through that pixel to produce an equation in the form cmxy  11 (1) [2] For varying value of m and c equation (1) can be re-write as 11 ymxc  (2) where 1 x and y1 are constants and m and c are variables. [3] Get a straight line on a graph. Each different line through the ( 11 , yx `) corresponds to one of the points on the line in (m,c) space (termed as Hough Space). [4] Take all pixels which lie on the same line with ( 1 , yx ) space to represent the lines which passed through a single point in (m,c) space. [5] Collect consecutive detected lines to derive an algorithm for pattern recognition. [6] Fig. 3.4(A): Principle Of Hough Transform
Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 45 Fig. 3.4(b): Principle of Hough Transform lgorithm 1: Anomaly Detection and Classification 1: define F as number of traffic features used (F = 2) 2: set the sliding window at the beginning of the data 3: while. (window: =eof) do 4: for (all packets in the window) 5: plot packet in P pictures and store header information 6: end for 7: for (all pictures) do 8: compute the Hough space for the picture 9: extract lines from the Hough space 10: for (all lines found) do 11: implement a new event (using event handler e) 12: retrieve all packet header from line 13:e←summarizes traffic features from packet headers 14: if (anomaly with main feature (a) = main features of e) then 15 add etoa 16: else 17: create a new anomaly 18: end if 19: end for 20: end for 21: close Slide the window 22: end while. IV. RESULTS AND DISCUSSION The results of different cases were tested. For the detected Traffic anomalies through packet header data, the user will start the server. The server will wait for a communication from the client. When the client has started the system, it will attempt to established connection with the server. Once the connection is established immediately, communication will start flowing between the client and the server. The generation of packet header, IP addresses as well as the communication between client and the server were achieved through simulation. A server and a client were designed in Java programming language using server and socket classes. First the server is started and it waits for connection from a client. Then the client is started, which connects to the server and the communication is established. The period of a complete communication is known as a session.
Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 46 Case I Figure 4.1a has the IP address at the y-axis and the time on the horizontal axis. The points seen are the scatter plots. Figure 4.1b contain the same axis as in Figure 4.1a, but is a Hough space. It contains three intersections. The number of intersection in the Hough space produced. The detected anomalies in Figure 4.1c. The straight lines in Figure 4.1c are the anomalies. The number of intersection correspond to the number of points on the scatter plot that constitute a line base on the threshold, hence the anomaly. Case II In case 2, Figure 4.2a contains points greater than Figure 4.2a, but the points are two scatrer since the points are two scatrered, they will not be able to make an intersection in the Hough space in Figure 4.2b. Since there were no intersection in Figure 4.2b, the points will remain as it is without producing any anomaly. No enough points are found to constistute a line. Sonsequently no intersection appear on Figure 4.2b which is the Hough space. These straight lines as seen in Figure 4.1c and 4.2c respectively indicate abnormal behavior in the simulated network communication. They are the identified anomalies in the traffic. Comparing this output with [11] asserted that statistical method that has common drawback as lack of ground truth data and approximate evaluation of the method.This method take advantage compared to [3] which stated that graphical representation reduce the dimension of network traffic and provide intuitive output as it is not possible with current statistical method. IV. CONCLUSION The recommendations that have been put forward will no doubt in improving performance, efficiency and effectiveness. If these recommendations are implemented and the existing anomaly detection is reviewed, then the objective of the anomaly detection will no doubt be attainable. This study has help in contributing to the knowledge as it increased the accuracy in detecting anomalies in network. This is because anomalies are being identified as picture and picture can easily be identify and read easily compared to other techniques that will involves sampling without ground truth data as used in statistical techniques. Further, this method takes advantage of graphical representation to reduce the dimension of network traffic. REFERENCES [1] P. Barford, J. Kline andD. Ploika (2002).A signal analysis of network traffic Anomalies.New Jersey: Prentice Hall. [2] K.G. Beauchamp (1990).Computer communication. 2nded. Chapman& Hall: London [3] X. Braukhoff, A.Dimitropoulos J. Wagner. AndK. Salarnatian (2009).Anomaly extraction in back bone networks using association rule.Rio de Janerrio: Brazil. [4] R. Fontugne , K. Fukuda & J. Himura (2010).Estimated Speed and Scanning Activities with Hough-transform.Sokendai: Japan. [5] R. Funtugneand K.Fukuda (2011). An analysis of longitudinal tcppassive measurements.Retrieved November, 20, 2012. from http:// www.fukuda-lab.org/mawilab/. [6] A. Lakina, M. Crovella& C. Diot (2004).Diagnosing networking -wide traffic anomalies. New York: Willy. [7] A. Lakina , M.Crovella M. & C.Diot(2005).Mining anomalies using traffic feature distribution. New York: McGraw- Hill Companies. [8] A. Lakina,K. Papaginnaki, M. Crovella, C.Diot, EN. Ko1aczk andN. Taft (2004).Structure analysis ofNetwork traffic flows. New York: Spring-Verlag. [9] P.Owezarski (2010).A database of anomalies traffic for accessing profile based. Retrieved December 7, 2012 from http://www.abolene.iu.edu/routage. [10] A. Soule,K. Samatian and N. Taft (2005).Combining filtering and statistical methodfor anomaly detection. New York: Wiley. [11] M.Ji. Thottan, Y. Yan, and G.Liu (2003).Anomaly detection in IP networks.International Journal of Computer Science and Communication Network.51(8), 2191-2204. [12] W.Wang,X. Zhang, W. Shin, and S. Jin (2002).Detecting SYN flooding attack.Retrieved December 20, 2012 from http://www.tcpdump.org/.
Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 47 APPENDIX Figure 4.1: Scattered plot Fig. 4.1a: 2D Scatter Plot Fig. 4.1b: Hough Space IP Address Time Fig. 4.1c: 2D Scatter Plot with detected line 10 20 30 40 50 60 60 70 80 90 100 110 IP Address time5 10 15 20 25 30 35 40 45 50
Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 48 Fig. 4.2a: 2D Scatter Plot 10 20 30 40 50 60 60 70 80 90 100 110 IP Address time 5 10 15 20 25 30 35 40 45 50
Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 49 Fig. 4.2b: Hough space Fig. 4.2c: 2D Scatter Plot with no line detected 10 20 30 40 50 60 60 70 80 90 100 110 IP Address time5 10 15 20 25 30 35 40 45 50
Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 50 Time IP Address
Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 51 10 20 30 40 50 60 60 70 80 90 100 110 IP Address time5 10 15 20 25 30 35 40 45 50
Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 52 SHORT BIOGRAPHY Maksha Daniel Didfee obtained his BSc degree in computer at Adamawa State University Mubi, Nigeria in 2010. Currently running MSc computer science same Adamawa State University, Mubi. His area of interest is computer network. Doctor Peter Buba Zirra is Lecturer with Adamawa State University, Mubi Nigeria. He obtained his Doctorate degree in Computer Science from Modibbo Adama University of Technology, Yola in 2012, MSc in Computer Science from Abubakar Tafawa Balewa University, Bauchi in 2006, MBA (Finance) from University of Maiduguri, Borno state in 2000 and had his B.Tech in computer science, 1994 same AbubakarTafawaBalewa University, Bauchi. His area of interest includes Computer Network and Security. He is happily married with two children.

Recomendados

Approximation of regression-based fault minimization for network traffic
Approximation of regression-based fault minimization for network trafficApproximation of regression-based fault minimization for network traffic
Approximation of regression-based fault minimization for network trafficTELKOMNIKA JOURNAL
 
Data Rates Performance Analysis of Point to Multi-Point Wireless Link in Univ...
Data Rates Performance Analysis of Point to Multi-Point Wireless Link in Univ...Data Rates Performance Analysis of Point to Multi-Point Wireless Link in Univ...
Data Rates Performance Analysis of Point to Multi-Point Wireless Link in Univ...IRJET Journal
 
Performance Evaluation and Comparison of On-Demand Routing Protocols for Ad H...
Performance Evaluation and Comparison of On-Demand Routing Protocols for Ad H...Performance Evaluation and Comparison of On-Demand Routing Protocols for Ad H...
Performance Evaluation and Comparison of On-Demand Routing Protocols for Ad H...Eswar Publications
 
IMPROVING MANET ROUTING PROTOCOLS THROUGH THE USE OF GEOGRAPHICAL INFORMATION
IMPROVING MANET ROUTING PROTOCOLS THROUGH THE USE OF GEOGRAPHICAL INFORMATIONIMPROVING MANET ROUTING PROTOCOLS THROUGH THE USE OF GEOGRAPHICAL INFORMATION
IMPROVING MANET ROUTING PROTOCOLS THROUGH THE USE OF GEOGRAPHICAL INFORMATIONijwmn
 
Impact of Packet Inter-arrival Time Features for Online Peer-to-Peer (P2P) Cl...
Impact of Packet Inter-arrival Time Features for Online Peer-to-Peer (P2P) Cl...Impact of Packet Inter-arrival Time Features for Online Peer-to-Peer (P2P) Cl...
Impact of Packet Inter-arrival Time Features for Online Peer-to-Peer (P2P) Cl...IJECEIAES
 
Rustam Pirmagomedov
Rustam PirmagomedovRustam Pirmagomedov
Rustam PirmagomedovAlexMinov
 
A Study on Hardware and Software Link Quality Metrics for Wireless Multimedia...
A Study on Hardware and Software Link Quality Metrics for Wireless Multimedia...A Study on Hardware and Software Link Quality Metrics for Wireless Multimedia...
A Study on Hardware and Software Link Quality Metrics for Wireless Multimedia...Eswar Publications
 
An Ordinary & Innovative Packet Routing Schemes in VANET
An Ordinary & Innovative Packet Routing Schemes in VANETAn Ordinary & Innovative Packet Routing Schemes in VANET
An Ordinary & Innovative Packet Routing Schemes in VANETIRJET Journal
 

Recomendados

Approximation of regression-based fault minimization for network traffic
Approximation of regression-based fault minimization for network trafficApproximation of regression-based fault minimization for network traffic
Approximation of regression-based fault minimization for network trafficTELKOMNIKA JOURNAL
 
Data Rates Performance Analysis of Point to Multi-Point Wireless Link in Univ...
Data Rates Performance Analysis of Point to Multi-Point Wireless Link in Univ...Data Rates Performance Analysis of Point to Multi-Point Wireless Link in Univ...
Data Rates Performance Analysis of Point to Multi-Point Wireless Link in Univ...IRJET Journal
 
Performance Evaluation and Comparison of On-Demand Routing Protocols for Ad H...
Performance Evaluation and Comparison of On-Demand Routing Protocols for Ad H...Performance Evaluation and Comparison of On-Demand Routing Protocols for Ad H...
Performance Evaluation and Comparison of On-Demand Routing Protocols for Ad H...Eswar Publications
 
IMPROVING MANET ROUTING PROTOCOLS THROUGH THE USE OF GEOGRAPHICAL INFORMATION
IMPROVING MANET ROUTING PROTOCOLS THROUGH THE USE OF GEOGRAPHICAL INFORMATIONIMPROVING MANET ROUTING PROTOCOLS THROUGH THE USE OF GEOGRAPHICAL INFORMATION
IMPROVING MANET ROUTING PROTOCOLS THROUGH THE USE OF GEOGRAPHICAL INFORMATIONijwmn
 
Impact of Packet Inter-arrival Time Features for Online Peer-to-Peer (P2P) Cl...
Impact of Packet Inter-arrival Time Features for Online Peer-to-Peer (P2P) Cl...Impact of Packet Inter-arrival Time Features for Online Peer-to-Peer (P2P) Cl...
Impact of Packet Inter-arrival Time Features for Online Peer-to-Peer (P2P) Cl...IJECEIAES
 
Rustam Pirmagomedov
Rustam PirmagomedovRustam Pirmagomedov
Rustam PirmagomedovAlexMinov
 
A Study on Hardware and Software Link Quality Metrics for Wireless Multimedia...
A Study on Hardware and Software Link Quality Metrics for Wireless Multimedia...A Study on Hardware and Software Link Quality Metrics for Wireless Multimedia...
A Study on Hardware and Software Link Quality Metrics for Wireless Multimedia...Eswar Publications
 
An Ordinary & Innovative Packet Routing Schemes in VANET
An Ordinary & Innovative Packet Routing Schemes in VANETAn Ordinary & Innovative Packet Routing Schemes in VANET
An Ordinary & Innovative Packet Routing Schemes in VANETIRJET Journal
 
A Review on Traffic Classification Methods in WSN
A Review on Traffic Classification Methods in WSNA Review on Traffic Classification Methods in WSN
A Review on Traffic Classification Methods in WSNIJARIIT
 
By passing infected areas in wireless sensor networks using bpr
By passing infected areas in wireless sensor networks using bprBy passing infected areas in wireless sensor networks using bpr
By passing infected areas in wireless sensor networks using bprLogicMindtech Nologies
 
6RLR-ABC: 6LOWPAN ROUTING PROTOCOL WITH LOCAL REPAIR USING BIO INSPIRED ARTIF...
6RLR-ABC: 6LOWPAN ROUTING PROTOCOL WITH LOCAL REPAIR USING BIO INSPIRED ARTIF...6RLR-ABC: 6LOWPAN ROUTING PROTOCOL WITH LOCAL REPAIR USING BIO INSPIRED ARTIF...
6RLR-ABC: 6LOWPAN ROUTING PROTOCOL WITH LOCAL REPAIR USING BIO INSPIRED ARTIF...IJCNCJournal
 
Itcm a real time internet traffic classifier monitor
Itcm a real time internet traffic classifier monitorItcm a real time internet traffic classifier monitor
Itcm a real time internet traffic classifier monitorijcsit
 
Building Accurate Traffic Matrices with Demand Deduction (White Paper)
Building Accurate Traffic Matrices with Demand Deduction (White Paper)Building Accurate Traffic Matrices with Demand Deduction (White Paper)
Building Accurate Traffic Matrices with Demand Deduction (White Paper)Cisco Service Provider Mobility
 
A CELLULAR BONDING AND ADAPTIVE LOAD BALANCING BASED MULTI-SIM GATEWAY FOR MO...
A CELLULAR BONDING AND ADAPTIVE LOAD BALANCING BASED MULTI-SIM GATEWAY FOR MO...A CELLULAR BONDING AND ADAPTIVE LOAD BALANCING BASED MULTI-SIM GATEWAY FOR MO...
A CELLULAR BONDING AND ADAPTIVE LOAD BALANCING BASED MULTI-SIM GATEWAY FOR MO...pijans
 
Jamming Detection based on Doppler Shift Estimation in Vehicular Communicatio...
Jamming Detection based on Doppler Shift Estimation in Vehicular Communicatio...Jamming Detection based on Doppler Shift Estimation in Vehicular Communicatio...
Jamming Detection based on Doppler Shift Estimation in Vehicular Communicatio...IJCNCJournal
 
SECURING BGP BY HANDLING DYNAMIC NETWORK BEHAVIOR AND UNBALANCED DATASETS
SECURING BGP BY HANDLING DYNAMIC NETWORK BEHAVIOR AND UNBALANCED DATASETSSECURING BGP BY HANDLING DYNAMIC NETWORK BEHAVIOR AND UNBALANCED DATASETS
SECURING BGP BY HANDLING DYNAMIC NETWORK BEHAVIOR AND UNBALANCED DATASETSIJCNCJournal
 
Attacks and Routing Protocols in MANET: A Review
Attacks and Routing Protocols in MANET: A ReviewAttacks and Routing Protocols in MANET: A Review
Attacks and Routing Protocols in MANET: A ReviewIRJET Journal
 
Internet measurement (Presentation)
Internet measurement (Presentation)Internet measurement (Presentation)
Internet measurement (Presentation)Amir Hossein Mandegar
 
Comparative Performance Evaluation of Ad-hoc on Demand Distance Vector Routin...
Comparative Performance Evaluation of Ad-hoc on Demand Distance Vector Routin...Comparative Performance Evaluation of Ad-hoc on Demand Distance Vector Routin...
Comparative Performance Evaluation of Ad-hoc on Demand Distance Vector Routin...ijceronline
 
Evaluation of CSSR with Direct TCH Assignment in Cellular Networks
Evaluation of CSSR with Direct TCH Assignment in Cellular NetworksEvaluation of CSSR with Direct TCH Assignment in Cellular Networks
Evaluation of CSSR with Direct TCH Assignment in Cellular NetworksIJERA Editor
 
Unit 5
Unit 5Unit 5
Unit 5SwamiKankipati
 
Blu Fax Recent Advances 2 24 2011
Blu Fax Recent Advances 2 24 2011Blu Fax Recent Advances 2 24 2011
Blu Fax Recent Advances 2 24 2011nelsondonnac
 
Analysis of service-oriented traffic classification with imperfect traffic cl...
Analysis of service-oriented traffic classification with imperfect traffic cl...Analysis of service-oriented traffic classification with imperfect traffic cl...
Analysis of service-oriented traffic classification with imperfect traffic cl...IOSR Journals
 
July 4 BluFax Demo Briefing
July 4 BluFax Demo BriefingJuly 4 BluFax Demo Briefing
July 4 BluFax Demo Briefingnelsondonnac
 
DATA COMMUNICATION SYSTEMS
DATA COMMUNICATION SYSTEMSDATA COMMUNICATION SYSTEMS
DATA COMMUNICATION SYSTEMSDhairya Gandha
 
Unit 1
Unit 1Unit 1
Unit 1SwamiKankipati
 
Joint Routing and Congestion Control in Multipath Channel based on Signal to ...
Joint Routing and Congestion Control in Multipath Channel based on Signal to ...Joint Routing and Congestion Control in Multipath Channel based on Signal to ...
Joint Routing and Congestion Control in Multipath Channel based on Signal to ...IJECEIAES
 
IRJET-A_AODV: A Modern Routing Algorithm for Mobile Ad-Hoc Network
IRJET-A_AODV: A Modern Routing Algorithm for Mobile Ad-Hoc NetworkIRJET-A_AODV: A Modern Routing Algorithm for Mobile Ad-Hoc Network
IRJET-A_AODV: A Modern Routing Algorithm for Mobile Ad-Hoc NetworkIRJET Journal
 
Inaugural Addresses
Inaugural AddressesInaugural Addresses
Inaugural AddressesBooz Allen Hamilton
 
How to think like a startup
How to think like a startupHow to think like a startup
How to think like a startupLoic Le Meur
 

Más contenido relacionado

La actualidad más candente

A Review on Traffic Classification Methods in WSN
A Review on Traffic Classification Methods in WSNA Review on Traffic Classification Methods in WSN
A Review on Traffic Classification Methods in WSNIJARIIT
 
By passing infected areas in wireless sensor networks using bpr
By passing infected areas in wireless sensor networks using bprBy passing infected areas in wireless sensor networks using bpr
By passing infected areas in wireless sensor networks using bprLogicMindtech Nologies
 
6RLR-ABC: 6LOWPAN ROUTING PROTOCOL WITH LOCAL REPAIR USING BIO INSPIRED ARTIF...
6RLR-ABC: 6LOWPAN ROUTING PROTOCOL WITH LOCAL REPAIR USING BIO INSPIRED ARTIF...6RLR-ABC: 6LOWPAN ROUTING PROTOCOL WITH LOCAL REPAIR USING BIO INSPIRED ARTIF...
6RLR-ABC: 6LOWPAN ROUTING PROTOCOL WITH LOCAL REPAIR USING BIO INSPIRED ARTIF...IJCNCJournal
 
Itcm a real time internet traffic classifier monitor
Itcm a real time internet traffic classifier monitorItcm a real time internet traffic classifier monitor
Itcm a real time internet traffic classifier monitorijcsit
 
Building Accurate Traffic Matrices with Demand Deduction (White Paper)
Building Accurate Traffic Matrices with Demand Deduction (White Paper)Building Accurate Traffic Matrices with Demand Deduction (White Paper)
Building Accurate Traffic Matrices with Demand Deduction (White Paper)Cisco Service Provider Mobility
 
A CELLULAR BONDING AND ADAPTIVE LOAD BALANCING BASED MULTI-SIM GATEWAY FOR MO...
A CELLULAR BONDING AND ADAPTIVE LOAD BALANCING BASED MULTI-SIM GATEWAY FOR MO...A CELLULAR BONDING AND ADAPTIVE LOAD BALANCING BASED MULTI-SIM GATEWAY FOR MO...
A CELLULAR BONDING AND ADAPTIVE LOAD BALANCING BASED MULTI-SIM GATEWAY FOR MO...pijans
 
Jamming Detection based on Doppler Shift Estimation in Vehicular Communicatio...
Jamming Detection based on Doppler Shift Estimation in Vehicular Communicatio...Jamming Detection based on Doppler Shift Estimation in Vehicular Communicatio...
Jamming Detection based on Doppler Shift Estimation in Vehicular Communicatio...IJCNCJournal
 
SECURING BGP BY HANDLING DYNAMIC NETWORK BEHAVIOR AND UNBALANCED DATASETS
SECURING BGP BY HANDLING DYNAMIC NETWORK BEHAVIOR AND UNBALANCED DATASETSSECURING BGP BY HANDLING DYNAMIC NETWORK BEHAVIOR AND UNBALANCED DATASETS
SECURING BGP BY HANDLING DYNAMIC NETWORK BEHAVIOR AND UNBALANCED DATASETSIJCNCJournal
 
Attacks and Routing Protocols in MANET: A Review
Attacks and Routing Protocols in MANET: A ReviewAttacks and Routing Protocols in MANET: A Review
Attacks and Routing Protocols in MANET: A ReviewIRJET Journal
 
Comparative Performance Evaluation of Ad-hoc on Demand Distance Vector Routin...
Comparative Performance Evaluation of Ad-hoc on Demand Distance Vector Routin...Comparative Performance Evaluation of Ad-hoc on Demand Distance Vector Routin...
Comparative Performance Evaluation of Ad-hoc on Demand Distance Vector Routin...ijceronline
 
Evaluation of CSSR with Direct TCH Assignment in Cellular Networks
Evaluation of CSSR with Direct TCH Assignment in Cellular NetworksEvaluation of CSSR with Direct TCH Assignment in Cellular Networks
Evaluation of CSSR with Direct TCH Assignment in Cellular NetworksIJERA Editor
 
Blu Fax Recent Advances 2 24 2011
Blu Fax Recent Advances 2 24 2011Blu Fax Recent Advances 2 24 2011
Blu Fax Recent Advances 2 24 2011nelsondonnac
 
Analysis of service-oriented traffic classification with imperfect traffic cl...
Analysis of service-oriented traffic classification with imperfect traffic cl...Analysis of service-oriented traffic classification with imperfect traffic cl...
Analysis of service-oriented traffic classification with imperfect traffic cl...IOSR Journals
 
July 4 BluFax Demo Briefing
July 4 BluFax Demo BriefingJuly 4 BluFax Demo Briefing
July 4 BluFax Demo Briefingnelsondonnac
 
DATA COMMUNICATION SYSTEMS
DATA COMMUNICATION SYSTEMSDATA COMMUNICATION SYSTEMS
DATA COMMUNICATION SYSTEMSDhairya Gandha
 
Joint Routing and Congestion Control in Multipath Channel based on Signal to ...
Joint Routing and Congestion Control in Multipath Channel based on Signal to ...Joint Routing and Congestion Control in Multipath Channel based on Signal to ...
Joint Routing and Congestion Control in Multipath Channel based on Signal to ...IJECEIAES
 
IRJET-A_AODV: A Modern Routing Algorithm for Mobile Ad-Hoc Network
IRJET-A_AODV: A Modern Routing Algorithm for Mobile Ad-Hoc NetworkIRJET-A_AODV: A Modern Routing Algorithm for Mobile Ad-Hoc Network
IRJET-A_AODV: A Modern Routing Algorithm for Mobile Ad-Hoc NetworkIRJET Journal
 

La actualidad más candente (20)

A Review on Traffic Classification Methods in WSN
A Review on Traffic Classification Methods in WSNA Review on Traffic Classification Methods in WSN
A Review on Traffic Classification Methods in WSN
 
By passing infected areas in wireless sensor networks using bpr
By passing infected areas in wireless sensor networks using bprBy passing infected areas in wireless sensor networks using bpr
By passing infected areas in wireless sensor networks using bpr
 
6RLR-ABC: 6LOWPAN ROUTING PROTOCOL WITH LOCAL REPAIR USING BIO INSPIRED ARTIF...
6RLR-ABC: 6LOWPAN ROUTING PROTOCOL WITH LOCAL REPAIR USING BIO INSPIRED ARTIF...6RLR-ABC: 6LOWPAN ROUTING PROTOCOL WITH LOCAL REPAIR USING BIO INSPIRED ARTIF...
6RLR-ABC: 6LOWPAN ROUTING PROTOCOL WITH LOCAL REPAIR USING BIO INSPIRED ARTIF...
 
Itcm a real time internet traffic classifier monitor
Itcm a real time internet traffic classifier monitorItcm a real time internet traffic classifier monitor
Itcm a real time internet traffic classifier monitor
 
Building Accurate Traffic Matrices with Demand Deduction (White Paper)
Building Accurate Traffic Matrices with Demand Deduction (White Paper)Building Accurate Traffic Matrices with Demand Deduction (White Paper)
Building Accurate Traffic Matrices with Demand Deduction (White Paper)
 
A CELLULAR BONDING AND ADAPTIVE LOAD BALANCING BASED MULTI-SIM GATEWAY FOR MO...
A CELLULAR BONDING AND ADAPTIVE LOAD BALANCING BASED MULTI-SIM GATEWAY FOR MO...A CELLULAR BONDING AND ADAPTIVE LOAD BALANCING BASED MULTI-SIM GATEWAY FOR MO...
A CELLULAR BONDING AND ADAPTIVE LOAD BALANCING BASED MULTI-SIM GATEWAY FOR MO...
 
Jamming Detection based on Doppler Shift Estimation in Vehicular Communicatio...
Jamming Detection based on Doppler Shift Estimation in Vehicular Communicatio...Jamming Detection based on Doppler Shift Estimation in Vehicular Communicatio...
Jamming Detection based on Doppler Shift Estimation in Vehicular Communicatio...
 
SECURING BGP BY HANDLING DYNAMIC NETWORK BEHAVIOR AND UNBALANCED DATASETS
SECURING BGP BY HANDLING DYNAMIC NETWORK BEHAVIOR AND UNBALANCED DATASETSSECURING BGP BY HANDLING DYNAMIC NETWORK BEHAVIOR AND UNBALANCED DATASETS
SECURING BGP BY HANDLING DYNAMIC NETWORK BEHAVIOR AND UNBALANCED DATASETS
 
Attacks and Routing Protocols in MANET: A Review
Attacks and Routing Protocols in MANET: A ReviewAttacks and Routing Protocols in MANET: A Review
Attacks and Routing Protocols in MANET: A Review
 
Internet measurement (Presentation)
Internet measurement (Presentation)Internet measurement (Presentation)
Internet measurement (Presentation)
 
Comparative Performance Evaluation of Ad-hoc on Demand Distance Vector Routin...
Comparative Performance Evaluation of Ad-hoc on Demand Distance Vector Routin...Comparative Performance Evaluation of Ad-hoc on Demand Distance Vector Routin...
Comparative Performance Evaluation of Ad-hoc on Demand Distance Vector Routin...
 
Evaluation of CSSR with Direct TCH Assignment in Cellular Networks
Evaluation of CSSR with Direct TCH Assignment in Cellular NetworksEvaluation of CSSR with Direct TCH Assignment in Cellular Networks
Evaluation of CSSR with Direct TCH Assignment in Cellular Networks
 
Unit 5
Unit 5Unit 5
Unit 5
 
Blu Fax Recent Advances 2 24 2011
Blu Fax Recent Advances 2 24 2011Blu Fax Recent Advances 2 24 2011
Blu Fax Recent Advances 2 24 2011
 
Analysis of service-oriented traffic classification with imperfect traffic cl...
Analysis of service-oriented traffic classification with imperfect traffic cl...Analysis of service-oriented traffic classification with imperfect traffic cl...
Analysis of service-oriented traffic classification with imperfect traffic cl...
 
July 4 BluFax Demo Briefing
July 4 BluFax Demo BriefingJuly 4 BluFax Demo Briefing
July 4 BluFax Demo Briefing
 
DATA COMMUNICATION SYSTEMS
DATA COMMUNICATION SYSTEMSDATA COMMUNICATION SYSTEMS
DATA COMMUNICATION SYSTEMS
 
Unit 1
Unit 1Unit 1
Unit 1
 
Joint Routing and Congestion Control in Multipath Channel based on Signal to ...
Joint Routing and Congestion Control in Multipath Channel based on Signal to ...Joint Routing and Congestion Control in Multipath Channel based on Signal to ...
Joint Routing and Congestion Control in Multipath Channel based on Signal to ...
 
IRJET-A_AODV: A Modern Routing Algorithm for Mobile Ad-Hoc Network
IRJET-A_AODV: A Modern Routing Algorithm for Mobile Ad-Hoc NetworkIRJET-A_AODV: A Modern Routing Algorithm for Mobile Ad-Hoc Network
IRJET-A_AODV: A Modern Routing Algorithm for Mobile Ad-Hoc Network
 

Destacado

How to think like a startup
How to think like a startupHow to think like a startup
How to think like a startupLoic Le Meur
 
32 Ways a Digital Marketing Consultant Can Help Grow Your Business
32 Ways a Digital Marketing Consultant Can Help Grow Your Business32 Ways a Digital Marketing Consultant Can Help Grow Your Business
32 Ways a Digital Marketing Consultant Can Help Grow Your BusinessBarry Feldman
 
Teaching Students with Emojis, Emoticons, & Textspeak
Teaching Students with Emojis, Emoticons, & TextspeakTeaching Students with Emojis, Emoticons, & Textspeak
Teaching Students with Emojis, Emoticons, & TextspeakShelly Sanchez Terrell
 
Hype vs. Reality: The AI Explainer
Hype vs. Reality: The AI ExplainerHype vs. Reality: The AI Explainer
Hype vs. Reality: The AI ExplainerLuminary Labs
 
Study: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving CarsStudy: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving CarsLinkedIn
 

Destacado (6)

Inaugural Addresses
Inaugural AddressesInaugural Addresses
Inaugural Addresses
 
How to think like a startup
How to think like a startupHow to think like a startup
How to think like a startup
 
32 Ways a Digital Marketing Consultant Can Help Grow Your Business
32 Ways a Digital Marketing Consultant Can Help Grow Your Business32 Ways a Digital Marketing Consultant Can Help Grow Your Business
32 Ways a Digital Marketing Consultant Can Help Grow Your Business
 
Teaching Students with Emojis, Emoticons, & Textspeak
Teaching Students with Emojis, Emoticons, & TextspeakTeaching Students with Emojis, Emoticons, & Textspeak
Teaching Students with Emojis, Emoticons, & Textspeak
 
Hype vs. Reality: The AI Explainer
Hype vs. Reality: The AI ExplainerHype vs. Reality: The AI Explainer
Hype vs. Reality: The AI Explainer
 
Study: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving CarsStudy: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving Cars
 

Similar a G03403041052

Network Traffic Anomaly Detection Through Bayes Net
Network Traffic Anomaly Detection Through Bayes NetNetwork Traffic Anomaly Detection Through Bayes Net
Network Traffic Anomaly Detection Through Bayes NetGyan Prakash
 
Internet ttraffic monitering anomalous behiviour detection
Internet ttraffic monitering anomalous behiviour detectionInternet ttraffic monitering anomalous behiviour detection
Internet ttraffic monitering anomalous behiviour detectionGyan Prakash
 
An Enhanced Technique for Network Traffic Classification with unknown Flow De...
An Enhanced Technique for Network Traffic Classification with unknown Flow De...An Enhanced Technique for Network Traffic Classification with unknown Flow De...
An Enhanced Technique for Network Traffic Classification with unknown Flow De...IRJET Journal
 
Web server load prediction and anomaly detection from hypertext transfer prot...
Web server load prediction and anomaly detection from hypertext transfer prot...Web server load prediction and anomaly detection from hypertext transfer prot...
Web server load prediction and anomaly detection from hypertext transfer prot...IJECEIAES
 
Region Based Time Varying Addressing Scheme For Improved Mitigating Various N...
Region Based Time Varying Addressing Scheme For Improved Mitigating Various N...Region Based Time Varying Addressing Scheme For Improved Mitigating Various N...
Region Based Time Varying Addressing Scheme For Improved Mitigating Various N...theijes
 
A Secure Payment Scheme with Low Communication and Processing Overhead for Mu...
A Secure Payment Scheme with Low Communication and Processing Overhead for Mu...A Secure Payment Scheme with Low Communication and Processing Overhead for Mu...
A Secure Payment Scheme with Low Communication and Processing Overhead for Mu...Editor IJMTER
 
IRJET - Network Traffic Monitoring and Botnet Detection using K-ANN Algorithm
IRJET - Network Traffic Monitoring and Botnet Detection using K-ANN AlgorithmIRJET - Network Traffic Monitoring and Botnet Detection using K-ANN Algorithm
IRJET - Network Traffic Monitoring and Botnet Detection using K-ANN AlgorithmIRJET Journal
 
Enhancing the Efficiency of Routing Protocols in VANETS by defending Dos Atta...
Enhancing the Efficiency of Routing Protocols in VANETS by defending Dos Atta...Enhancing the Efficiency of Routing Protocols in VANETS by defending Dos Atta...
Enhancing the Efficiency of Routing Protocols in VANETS by defending Dos Atta...Eswar Publications
 
Online stream mining approach for clustering network traffic
Online stream mining approach for clustering network trafficOnline stream mining approach for clustering network traffic
Online stream mining approach for clustering network trafficeSAT Journals
 
Online stream mining approach for clustering network traffic
Online stream mining approach for clustering network trafficOnline stream mining approach for clustering network traffic
Online stream mining approach for clustering network trafficeSAT Publishing House
 
IRJET- Efficient and Secure Communication In Vehicular AD HOC Network
IRJET- Efficient and Secure Communication In Vehicular AD HOC NetworkIRJET- Efficient and Secure Communication In Vehicular AD HOC Network
IRJET- Efficient and Secure Communication In Vehicular AD HOC NetworkIRJET Journal
 
Machine Learning Based 5G Network Channel Quality Prediction
Machine Learning Based 5G Network Channel Quality PredictionMachine Learning Based 5G Network Channel Quality Prediction
Machine Learning Based 5G Network Channel Quality PredictionIRJET Journal
 
IRJET- Comparative Study on Embedded Feature Selection Techniques for Interne...
IRJET- Comparative Study on Embedded Feature Selection Techniques for Interne...IRJET- Comparative Study on Embedded Feature Selection Techniques for Interne...
IRJET- Comparative Study on Embedded Feature Selection Techniques for Interne...IRJET Journal
 
BIG DATA ANALYTICS FOR USER-ACTIVITY ANALYSIS AND USER-ANOMALY DETECTION IN...
BIG DATA ANALYTICS FOR USER-ACTIVITY ANALYSIS AND USER-ANOMALY DETECTION IN... BIG DATA ANALYTICS FOR USER-ACTIVITY ANALYSIS AND USER-ANOMALY DETECTION IN...
BIG DATA ANALYTICS FOR USER-ACTIVITY ANALYSIS AND USER-ANOMALY DETECTION IN...Nexgen Technology
 
IRJET- Securing on Demand Source Routing Protocol in Mobile Ad-Hoc Networks b...
IRJET- Securing on Demand Source Routing Protocol in Mobile Ad-Hoc Networks b...IRJET- Securing on Demand Source Routing Protocol in Mobile Ad-Hoc Networks b...
IRJET- Securing on Demand Source Routing Protocol in Mobile Ad-Hoc Networks b...IRJET Journal
 

Similar a G03403041052 (20)

Network Traffic Anomaly Detection Through Bayes Net
Network Traffic Anomaly Detection Through Bayes NetNetwork Traffic Anomaly Detection Through Bayes Net
Network Traffic Anomaly Detection Through Bayes Net
 
Internet ttraffic monitering anomalous behiviour detection
Internet ttraffic monitering anomalous behiviour detectionInternet ttraffic monitering anomalous behiviour detection
Internet ttraffic monitering anomalous behiviour detection
 
M41028892
M41028892M41028892
M41028892
 
An Enhanced Technique for Network Traffic Classification with unknown Flow De...
An Enhanced Technique for Network Traffic Classification with unknown Flow De...An Enhanced Technique for Network Traffic Classification with unknown Flow De...
An Enhanced Technique for Network Traffic Classification with unknown Flow De...
 
Web server load prediction and anomaly detection from hypertext transfer prot...
Web server load prediction and anomaly detection from hypertext transfer prot...Web server load prediction and anomaly detection from hypertext transfer prot...
Web server load prediction and anomaly detection from hypertext transfer prot...
 
Ijet v5 i6p10
Ijet v5 i6p10Ijet v5 i6p10
Ijet v5 i6p10
 
Region Based Time Varying Addressing Scheme For Improved Mitigating Various N...
Region Based Time Varying Addressing Scheme For Improved Mitigating Various N...Region Based Time Varying Addressing Scheme For Improved Mitigating Various N...
Region Based Time Varying Addressing Scheme For Improved Mitigating Various N...
 
A Secure Payment Scheme with Low Communication and Processing Overhead for Mu...
A Secure Payment Scheme with Low Communication and Processing Overhead for Mu...A Secure Payment Scheme with Low Communication and Processing Overhead for Mu...
A Secure Payment Scheme with Low Communication and Processing Overhead for Mu...
 
IRJET - Network Traffic Monitoring and Botnet Detection using K-ANN Algorithm
IRJET - Network Traffic Monitoring and Botnet Detection using K-ANN AlgorithmIRJET - Network Traffic Monitoring and Botnet Detection using K-ANN Algorithm
IRJET - Network Traffic Monitoring and Botnet Detection using K-ANN Algorithm
 
Enhancing the Efficiency of Routing Protocols in VANETS by defending Dos Atta...
Enhancing the Efficiency of Routing Protocols in VANETS by defending Dos Atta...Enhancing the Efficiency of Routing Protocols in VANETS by defending Dos Atta...
Enhancing the Efficiency of Routing Protocols in VANETS by defending Dos Atta...
 
Online stream mining approach for clustering network traffic
Online stream mining approach for clustering network trafficOnline stream mining approach for clustering network traffic
Online stream mining approach for clustering network traffic
 
Online stream mining approach for clustering network traffic
Online stream mining approach for clustering network trafficOnline stream mining approach for clustering network traffic
Online stream mining approach for clustering network traffic
 
690 698
690 698690 698
690 698
 
A044030110
A044030110A044030110
A044030110
 
IRJET- Efficient and Secure Communication In Vehicular AD HOC Network
IRJET- Efficient and Secure Communication In Vehicular AD HOC NetworkIRJET- Efficient and Secure Communication In Vehicular AD HOC Network
IRJET- Efficient and Secure Communication In Vehicular AD HOC Network
 
Machine Learning Based 5G Network Channel Quality Prediction
Machine Learning Based 5G Network Channel Quality PredictionMachine Learning Based 5G Network Channel Quality Prediction
Machine Learning Based 5G Network Channel Quality Prediction
 
IRJET- Comparative Study on Embedded Feature Selection Techniques for Interne...
IRJET- Comparative Study on Embedded Feature Selection Techniques for Interne...IRJET- Comparative Study on Embedded Feature Selection Techniques for Interne...
IRJET- Comparative Study on Embedded Feature Selection Techniques for Interne...
 
BIG DATA ANALYTICS FOR USER-ACTIVITY ANALYSIS AND USER-ANOMALY DETECTION IN...
BIG DATA ANALYTICS FOR USER-ACTIVITY ANALYSIS AND USER-ANOMALY DETECTION IN... BIG DATA ANALYTICS FOR USER-ACTIVITY ANALYSIS AND USER-ANOMALY DETECTION IN...
BIG DATA ANALYTICS FOR USER-ACTIVITY ANALYSIS AND USER-ANOMALY DETECTION IN...
 
H0444146
H0444146H0444146
H0444146
 
IRJET- Securing on Demand Source Routing Protocol in Mobile Ad-Hoc Networks b...
IRJET- Securing on Demand Source Routing Protocol in Mobile Ad-Hoc Networks b...IRJET- Securing on Demand Source Routing Protocol in Mobile Ad-Hoc Networks b...
IRJET- Securing on Demand Source Routing Protocol in Mobile Ad-Hoc Networks b...
 

Último

Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxpranjaldaimarysona
 
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Christo Ananth
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130Suhani Kapoor
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSSIVASHANKAR N
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performancesivaprakash250
 
KubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlyKubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlysanyuktamishra911
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxupamatechverse
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...ranjana rawat
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordAsst.prof M.Gokilavani
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130Suhani Kapoor
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingrakeshbaidya232001
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxupamatechverse
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escortsranjana rawat
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Call Girls in Nagpur High Profile
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Dr.Costas Sachpazis
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 

Último (20)

Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptx
 
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
 
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEDJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
KubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghlyKubeKraft presentation @CloudNativeHooghly
KubeKraft presentation @CloudNativeHooghly
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptx
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writing
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptx
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 

G03403041052

  • 1. The International Journal Of Engineering And Science (IJES) || Volume || 3 || Issue || 4 || Pages || 41-52 || 2014 || ISSN (e): 2319 – 1813 ISSN (p): 2319 – 1805 www.theijes.com The IJES Page 41 Analysis of Pattern Recognition Techniques for Detecting Traffic Anomalies Maksha D.D. & Zirra P.B 1 Adamawa State University, Mubi, PMB 25 Mubi Adamawa state-Nigeria dmaksha@yahoo.com -------------------------------------------------------------ABSTRACT-------------------------------------------------------- Network traffic anomalies stand for a large number of the internet traffic and highly affect the performance of the network resources. Detecting these threats is a time consuming task and is laborious that network operators face daily. In spite of the advantages of these methods, researchers have reported several common drawbacks that affect their use in practice. The generation of packet header, IP addresses as well as the communication between client and the server were achieved through simulation. A server and a client were designed in Java programming language using server and socket classes. Hough transform is then applied to the picture in order to obtain a Hough space. From the Hough space, points that constitute a line in the picture, based on the threshold that are identified. The lines drawn in the Hough space representing the points that intersects. These straight lines indicate abnormal behavior in the simulated network communication. They are the identified anomalies in the traffic. Statistical method has common drawback as lack of ground truth data and approximate evaluation of the method. This method take advantage compared to other method which stated that graphical representation reduce the dimension of network traffic and provide intuitive output as it is not possible with current statistical method. Therefore network operators should adopt the current method of detecting anomaly which in turn increases performance and quest for development. Keyword: Network Traffic, Data, Anomaly, Hough Space --------------------------------------------------------------------------------------------------------------------------------------- Date of Submission: 25 March 2014 Date of Publication: 20 April 2014 --------------------------------------------------------------------------------------------------------------------------------------- I. INTRODUCTION The internet has become a common medium for communication and information exchange, providing many attractive services for ordinary users. A victim of its own success, internet traffic is still growing at a fast rate and contains an increasing amount of anomalies such as configuration failures and attacks. These improper uses of network resource consume bandwidth and adversely affect the performance of networks. Thus, these anomalies penalize legitimate applications from using an optimal amount of network resources. Since the core of the internet is particularly deteriorated by anomalous traffic, quick and accurate detection of anomalies in the backbone traffic has been a hot topic[6].Also, the success of internet services result in a constant network traffic growth along with an increasing number of anomalies such as remote attacks (examples; Denial Of Service (DOS) attack, port scan, worm spreading, phishing, hackers, virus,) bad configuration, and interception of data on network. These anomalies represent a large fraction of the internet traffic that is unwanted and penalizes legitimate users from accessing „optimal network resources. Therefore, detecting and diagnosing these threats are crucial tasks for network operators that are trying to maintain the internetresources made available. Due to the important traffic volume involved, quick and accurate identification of anomalies in the internet traffic requires automation. Intensive studies have been carried out in this field but the proposed anomaly detection methods still have important drawbacks that affect their practical usage in real environment[6]. Detecting Anomalies The pattern-recognition based detector takes advantage of image processing techniques to provide intuitive output and parameter set.The main idea of the detection method is to monitor the traffic in Two Dimensional (2-D) pictures where anomalies appear as “line” which is easily identifiable using a pattern recognition technique called Hough transform. This method overcomes several shortcomings of current statistical-based anomaly detectors; similarly to the statistical base detector it requires constant attention from network operators to be optimally used[5].
  • 2. Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 42 Packed Header Data Packet is a small group of digits having a well-defined format whichcan form part of complete digital message [2]. A whole setof such packets constitute the message. Forms of signal encoding may thenbe used which facilitate automatic error detection. Packet switching is amethod of transmitting a digital message as a series of short numbered frame across communication system. Also packet may be described as a buffer of certain size, full of data that is transmitted from one machine to another. This data buffer is transmitted differently depending on which “data link” network in use, such as Ethernet, Fibre Distributed Data Interface (FDDI), toke-ring, Wide Area Network (WAN), point to point links and so forth. The end result is the same entire bundle called a buffer, is transmitted from one machine to another and arrives at the destination intact (hopefully).However, header enables long message to be broken down into a large number of packages before transmission and correctly re-assemble it at its destination. From network point of view, a protocol header contains information that is specific for that protocol. II. STATEMENT OF THE PROBLEM Statistical analysis is an appealing approach to solve the anomaly detection problem. However, resulting anomaly detections suffer from high error rate as investigating the output of statistical tools and tuning their parameter set in accordance to the analyzed network traffic is challenging. Hence pattern-recognition based detector is reliable detectors that can be use conveniently and successfully, with good output. Also by applying a pattern-recognition techniques using Two Dimensional (2-D), it will be able to detect new and unknown anomalies. It report traffic that is featuring anomalous behaviour. III. AIM AND OBJECTIVES OF THE STUDY The aim of this research is to develop an anomaly detector through packet data header using image processing techniques of 2-D transformation.The objectives include: [1] To produce a means of detecting anomalies in Internet network traffic. [2] To detect some issues (e.g. TCP SYN flood attack) that occurs in TCP protocol before it affects the network system. IV. RELATED WORK The methods of detecting anomalies in internet traffic data are numerous. Different features of the internet can be used to accomplish this task. The internet traffic feature chosen for this research is the packet header data. Using that information, it is easy to plot this information into the graph and detect any unusual pattern referred to as an anomaly.A set of flows altering the distribution of at least one of the four following traffic features: the sources IP address, destination IP address, source port and destination port can be investigated. This has sprung an areaof research that has recently received a lot of attention [7].Internet traffic anomaly detection aims at identifying anomalous traffic that is transmitting in the core of the internet, where the monitored traffic is asymmetric due to routing policies, thus flows are incomplete[4].There are two approaches to anomaly detection: Network intrusion detection and Internet traffic anomaly detection[5]. The goal m intrusion detection is toprotect a network from remote threats. Thus the detection method is monitoring the traffic at the edge of the protected network where complete flows and packet pay load are usually accessible. In contrast, internet traffic anomaly detection aim at identifying anomalous traffic that is transmitted in the core of the internet where the monitored traffic is asymmetric due to routing policies, thus flows are incomplete [5]. The work is dedicated exclusively to internet traffic anomalydetection, thus in this dissertation anomaly detection refer only to this specific domain. Volume based approaches are monitoring the number of bytes, packets or flows transmitted over time and aims at detecting abnormal variance that represent abusive usage of network resources or resource failure. Several methods have been proposed to effectively identify local and global traffic volume variances that stand for respectively short and long lasting anomalies.[1] proposed a method base on wavelet that inspects the traffic volume at different frequencies. Their approach makes use of the wavelet analysis to dissect the traffic into three distinct signals representing local, normal and global variance of the traffic. The decomposed signal are analyzed by a detection procedure that finds the irregularities and reports the period of time they occur. Since the three signals represent the traffic at different time scales, this approach is able to report short and long lasting anomalies. Nevertheless, as the whole traffic is aggregated into a single signal diagnosing the detected anomalies is challenging and anomalous are left unknown.[6]proposed a detection method that detect and diagnoses anomalies in large scale works. First, their approach monitors the traffic using a matrix in which each cell represents the traffic volume of alink of the network at a certain time interval. Second, the main behaviour of the traffic is extracted from his matrix with the Principal Component Analysis (PCA) and anomalies are detected in residual traffic. Finally, the origin and destination nodes of the network that are affected by the
  • 3. Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 43 anomalous traffic are identified and reported.Anomaly detectors themselves have to be evaluated. This is done so as to compare their efficiencies and determine the most suitable anomaly detector for any given condition. Providing ground truth data evaluate anomaly a detector is a challenge that has been addressed several times in the past. We distinguish two different approaches to evaluate an anomaly detector, namely using simulated or real traffic [3].According to [4] providing real internet traffic for the evaluation of anomaly detectors is challenging for two main reasons: [1] Labeling anomalous traffic in real internet traffic is difficult because of the lack of truth worthy method and the traffic volume that makes manual labeling unpractical. [2] Proving internet traffic is inherently problematic because of the privacy issues. recently proposed a data set containing real backbone traffic where anomalies are precisely located. In this work the traffic is captured at different points in the used network, which is supposed to be anomaly free, and the researchers generate two kinds of anomalies; flash crowd and Distributed Denial of Service (DDOS) attacks. Their experiment consisted of different scenarios where the intensity of the anomalies varies. Thus, the sensitivity of the detector to DDOS and flash crowd is easily identified. However, there are only a few kinds of anomaliesin their data and they are not a realistic representation of the diverse anomalies found on the internet. According to [4] adeeper understanding of the Measurement and Analysis on the WIDE Internet (MAWI) traffics is achieved by analyzing the traffic with three anomaly detectors based on different theoretical background, These are: [1] Principal component analysis (PCA) [2] Gamma modeling [3] Kullback-leiblerdivergence Statistical sequential change-point detection has been applied successfully to network anomaly detection;[11] characterized network anomalies with management Information Size Base (MIB) variable undergoing abrupt changes in a correlated fashion.Given a set of MIB variables sampled at a fixed time-interval, the authors compute a network health function by combining the abnormality indicators of each individual MIB variable. This network health function can be used to determine whether there is an anomaly in the network. [12]detect SYN flooding attacks based on the dynamics of the differences between the number of SYN and FIN packets, which is model as a stationary periodic random process. The non - parametric cumulative sum (CUSUM) method is then used to detect the abrupt changes in the observed time series and thus detect the SYN flooding attacks.[10] develop a traffic anomaly detection scheme based on Kalman Filter. Unlike [6] process the link data using a Kalman Filter rather than PCA analysis to predict the traffic matrix one step 4 into the future. After the prediction is made, the actual traffic matrix is estimated based on new link data. Than the difference between theprediction and the actual traffic volume anomaly based on different threshold‟s methods. Kalman filter has been applied successful to a wide variety of problems involving the estimation of dynamics of linear system from incomplete data. Thus, it is a promising tool for network anomaly detection together with other more complicated models of non-linear dynamics. V. METHODOLOGY The two traffic features to be considered are: [1] Source IP address [2] Destination IP address The reason for the use of only two parameters for our proposed anomaly detection is because the two are sufficient to implement our detector. Some other parameters like source and destination ports cannot be used, because time of recording the data stream can also be used especially when evaluating the efficiencies of various anomaly detectors. However, for this study the destination and source IP addresses are deemed sufficient in order to achieve our aim and objectives. Translating the collection of these source and destination IP addresses over a period of time will require performing the following. [1] We make the horizontal axis to represent time. [2] The vertical axis to represent either the source IP or destination IP addresses. [3] The shade of the plot (whether dark or light) indicates the amount of packets. [4] The apparent “lines” represent excessive use of traffic features.
  • 4. Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 44 Operation of the system Anomaly Detection Hough Transform Algorithm for 2-D Scatter Plots To detect any anomaly in form of line or edges, Hough Transform Algorithm is employed as follows: [1] Take a point ( 11 , yx ) in the image, all lines which passes through that pixel to produce an equation in the form cmxy  11 (1) [2] For varying value of m and c equation (1) can be re-write as 11 ymxc  (2) where 1 x and y1 are constants and m and c are variables. [3] Get a straight line on a graph. Each different line through the ( 11 , yx `) corresponds to one of the points on the line in (m,c) space (termed as Hough Space). [4] Take all pixels which lie on the same line with ( 1 , yx ) space to represent the lines which passed through a single point in (m,c) space. [5] Collect consecutive detected lines to derive an algorithm for pattern recognition. [6] Fig. 3.4(A): Principle Of Hough Transform
  • 5. Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 45 Fig. 3.4(b): Principle of Hough Transform lgorithm 1: Anomaly Detection and Classification 1: define F as number of traffic features used (F = 2) 2: set the sliding window at the beginning of the data 3: while. (window: =eof) do 4: for (all packets in the window) 5: plot packet in P pictures and store header information 6: end for 7: for (all pictures) do 8: compute the Hough space for the picture 9: extract lines from the Hough space 10: for (all lines found) do 11: implement a new event (using event handler e) 12: retrieve all packet header from line 13:e←summarizes traffic features from packet headers 14: if (anomaly with main feature (a) = main features of e) then 15 add etoa 16: else 17: create a new anomaly 18: end if 19: end for 20: end for 21: close Slide the window 22: end while. IV. RESULTS AND DISCUSSION The results of different cases were tested. For the detected Traffic anomalies through packet header data, the user will start the server. The server will wait for a communication from the client. When the client has started the system, it will attempt to established connection with the server. Once the connection is established immediately, communication will start flowing between the client and the server. The generation of packet header, IP addresses as well as the communication between client and the server were achieved through simulation. A server and a client were designed in Java programming language using server and socket classes. First the server is started and it waits for connection from a client. Then the client is started, which connects to the server and the communication is established. The period of a complete communication is known as a session.
  • 6. Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 46 Case I Figure 4.1a has the IP address at the y-axis and the time on the horizontal axis. The points seen are the scatter plots. Figure 4.1b contain the same axis as in Figure 4.1a, but is a Hough space. It contains three intersections. The number of intersection in the Hough space produced. The detected anomalies in Figure 4.1c. The straight lines in Figure 4.1c are the anomalies. The number of intersection correspond to the number of points on the scatter plot that constitute a line base on the threshold, hence the anomaly. Case II In case 2, Figure 4.2a contains points greater than Figure 4.2a, but the points are two scatrer since the points are two scatrered, they will not be able to make an intersection in the Hough space in Figure 4.2b. Since there were no intersection in Figure 4.2b, the points will remain as it is without producing any anomaly. No enough points are found to constistute a line. Sonsequently no intersection appear on Figure 4.2b which is the Hough space. These straight lines as seen in Figure 4.1c and 4.2c respectively indicate abnormal behavior in the simulated network communication. They are the identified anomalies in the traffic. Comparing this output with [11] asserted that statistical method that has common drawback as lack of ground truth data and approximate evaluation of the method.This method take advantage compared to [3] which stated that graphical representation reduce the dimension of network traffic and provide intuitive output as it is not possible with current statistical method. IV. CONCLUSION The recommendations that have been put forward will no doubt in improving performance, efficiency and effectiveness. If these recommendations are implemented and the existing anomaly detection is reviewed, then the objective of the anomaly detection will no doubt be attainable. This study has help in contributing to the knowledge as it increased the accuracy in detecting anomalies in network. This is because anomalies are being identified as picture and picture can easily be identify and read easily compared to other techniques that will involves sampling without ground truth data as used in statistical techniques. Further, this method takes advantage of graphical representation to reduce the dimension of network traffic. REFERENCES [1] P. Barford, J. Kline andD. Ploika (2002).A signal analysis of network traffic Anomalies.New Jersey: Prentice Hall. [2] K.G. Beauchamp (1990).Computer communication. 2nded. Chapman& Hall: London [3] X. Braukhoff, A.Dimitropoulos J. Wagner. AndK. Salarnatian (2009).Anomaly extraction in back bone networks using association rule.Rio de Janerrio: Brazil. [4] R. Fontugne , K. Fukuda & J. Himura (2010).Estimated Speed and Scanning Activities with Hough-transform.Sokendai: Japan. [5] R. Funtugneand K.Fukuda (2011). An analysis of longitudinal tcppassive measurements.Retrieved November, 20, 2012. from http:// www.fukuda-lab.org/mawilab/. [6] A. Lakina, M. Crovella& C. Diot (2004).Diagnosing networking -wide traffic anomalies. New York: Willy. [7] A. Lakina , M.Crovella M. & C.Diot(2005).Mining anomalies using traffic feature distribution. New York: McGraw- Hill Companies. [8] A. Lakina,K. Papaginnaki, M. Crovella, C.Diot, EN. Ko1aczk andN. Taft (2004).Structure analysis ofNetwork traffic flows. New York: Spring-Verlag. [9] P.Owezarski (2010).A database of anomalies traffic for accessing profile based. Retrieved December 7, 2012 from http://www.abolene.iu.edu/routage. [10] A. Soule,K. Samatian and N. Taft (2005).Combining filtering and statistical methodfor anomaly detection. New York: Wiley. [11] M.Ji. Thottan, Y. Yan, and G.Liu (2003).Anomaly detection in IP networks.International Journal of Computer Science and Communication Network.51(8), 2191-2204. [12] W.Wang,X. Zhang, W. Shin, and S. Jin (2002).Detecting SYN flooding attack.Retrieved December 20, 2012 from http://www.tcpdump.org/.
  • 7. Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 47 APPENDIX Figure 4.1: Scattered plot Fig. 4.1a: 2D Scatter Plot Fig. 4.1b: Hough Space IP Address Time Fig. 4.1c: 2D Scatter Plot with detected line 10 20 30 40 50 60 60 70 80 90 100 110 IP Address time5 10 15 20 25 30 35 40 45 50
  • 8. Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 48 Fig. 4.2a: 2D Scatter Plot 10 20 30 40 50 60 60 70 80 90 100 110 IP Address time 5 10 15 20 25 30 35 40 45 50
  • 9. Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 49 Fig. 4.2b: Hough space Fig. 4.2c: 2D Scatter Plot with no line detected 10 20 30 40 50 60 60 70 80 90 100 110 IP Address time5 10 15 20 25 30 35 40 45 50
  • 10. Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 50 Time IP Address
  • 11. Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 51 10 20 30 40 50 60 60 70 80 90 100 110 IP Address time5 10 15 20 25 30 35 40 45 50
  • 12. Analysis of Pattern Recognition Techniques … www.theijes.com The IJES Page 52 SHORT BIOGRAPHY Maksha Daniel Didfee obtained his BSc degree in computer at Adamawa State University Mubi, Nigeria in 2010. Currently running MSc computer science same Adamawa State University, Mubi. His area of interest is computer network. Doctor Peter Buba Zirra is Lecturer with Adamawa State University, Mubi Nigeria. He obtained his Doctorate degree in Computer Science from Modibbo Adama University of Technology, Yola in 2012, MSc in Computer Science from Abubakar Tafawa Balewa University, Bauchi in 2006, MBA (Finance) from University of Maiduguri, Borno state in 2000 and had his B.Tech in computer science, 1994 same AbubakarTafawaBalewa University, Bauchi. His area of interest includes Computer Network and Security. He is happily married with two children.