For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
Analyzing the Number of Varieties in Frequently Found Flows
Yusuke SHOMURA Yoshinori WATANABE Kenichi YOSHIDA
IEICE TRANSACTIONS on Communications
Publication Date: 2008/06/01
Online ISSN: 1745-1345
Print ISSN: 0916-8516
Type of Manuscript: PAPER
Category: Network Management/Operation
DDoS, worm, scan, P2P,
Full Text: PDF(530.6KB)>>
Abnormal traffic that causes various problems on the Internet, such as P2P flows, DDoS attacks, and Internet worms, is increasing; therefore, the importance of methods that identify and control abnormal traffic is also increasing. Though the application of frequent-itemset-mining techniques is a promising way to analyze Internet traffic, the huge amount of data on the Internet prevents such techniques from being effective. To overcome this problem, we have developed a simple frequent-itemset-mining method that uses only a small amount of memory but is effective even with the large volumes of data associated with broadband Internet traffic. Using our method also involves analyzing the number of distinct elements in the itemsets found, which helps identify abnormal traffic. We used a cache-based implementation of our method to analyze actual data on the Internet and demonstrated that such an implementation can be used to provide on-line analysis of data while using only a small amount of memory.