|
|
Please login using the form on menu list.
It is required to login for Full-Text PDF.
|
A Speed-Up Technique for Aggregated Flow Mining
Yusuke SHOMURA
Yoshinori WATANABE
Naoya IKEDA
Publication
B - Abstracts of IEICE TRANSACTIONS on Communications (Japanese Edition) Vol.J92-B No.10 pp.1579-1587
Publication Date: 2009/10/01
Online ISSN: 1881-0209
Print ISSN: 1344-4697
Type of Manuscript: Special Section PAPER (Special Issue on Secure and Sustainable Internet Architecture)
Category:
Keyword:
DDoS,
worm,
P2P,
cardinality,
Full Text(in Japanese): PDF(834.3KB)
Summary:
Abnormal traffic that causes various problems on the Internet, such as P2P flows, DDoS attacks, and Internet worms, is increasing; therefore, the importance of methods that identify and control abnormal traffic is also increasing. Though the application of frequent-itemset-mining techniques is a promising way to analyze Internet traffic, the huge amount of data on the Internet prevents such techniques from being effective. The limitation of DRAM memory access speed makes this problem further difficult. To overcome this problem, we have developed aggregated flow mining (AFM) that uses only a small amount of memory but is effective even with the large volumes of data associated with broadband Internet traffic. In this paper, a hash-based packet aggregation method and a multi-thread cardinality analysis method are proposed to achieve real-time analyzing ability for 18-Gbps networks.
|
|
