Traffic anomaly detection in backbone networks has received increased at-tention from the research community over the last years. A variety of tech-niques and implementations has been proposed in this area, some which hasbecome commercial products. However, studies have revealed that theseproducts are hardly used, mainly because of high false-positive rates andthe fact that manual inspection of alarms is a time consuming task for thenetwork administrator.Senatus is a recently proposed technique for combined anomaly detectionand root-cause analysis, originally proposed by Atef Abdelkefi. In this the-sis, we provide a complete high-performance implementation of Senatus,including a web Dashboard with overview of anomalies and the possibil-ity for manual fine-tuning of parameters. Furthermore, we have verifiedSenatus performance by comparing Senatus with a implementation of awell-known histogram-based anomaly detection technique.Our results show that Senatus performs very well for detection scans, andthat it matches the histogram-based anomaly detector for Denial of Service-attacks.
| Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:ntnu-19076 |
| Date | January 2012 |
| Creators | Askeland, Christian Emil, Salvesen, Anders Emil, Østvold, Arne Fjæren |
| Publisher | Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk, Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk, Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk, Institutt for telematikk |
| Source Sets | DiVA Archive at Upsalla University |
| Language | English |
| Detected Language | English |
| Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
| Format | application/pdf |
| Rights | info:eu-repo/semantics/openAccess |
Page generated in 0.0018 seconds