A Study of Applying Entropy and Principal Componet Analysis for Networking Traffic Anomaly Analysis
碩士 === 中原大學 === 電機工程研究所 === 100 === It's a challenge task to analyze networking traffic and identify anomalies in real-time at wire-speed. In this thesis, we propose a framework with limited memory space to perform network traffic analysis at the core networks. The design is based on sketch alg...
| Main Authors: | , |
|---|---|
| Other Authors: | |
| Format: | Others |
| Language: | zh-TW |
| Published: |
2012
|
| Online Access: | http://ndltd.ncl.edu.tw/handle/16189155569859929609 |
| Summary: | 碩士 === 中原大學 === 電機工程研究所 === 100 === It's a challenge task to analyze networking traffic and identify anomalies in real-time at wire-speed. In this thesis, we propose a framework with limited memory space to perform network traffic analysis at the core networks. The design is based on sketch algorithm implemented in hardware to digest the highly dimensional traffic information at wire-speed. The compact data structure is then feedback to the system to conduct analysis with Entropy and Principal Component Analysis (PCA) in a streaming fashion. Based on several real-world traffic traces, simulations are performed to reveal the effectiveness of this framework. We also provide in-depth discussions for the system design with tradeoffs on accuracy, time and space.
|
|---|