Analysis of malicious traffic and its impact to QoS metric LRD and energy invariant
The Internet is evolving from a single best effort service to a multi-services network. The success of the Internet has increased its vulnerability to misuse and performance problems. The existence of network anomaly packets inside normal traffic can decrease QoS performance substantially. These ano...
| Main Authors: | , , |
|---|---|
| Format: | Conference or Workshop Item |
| Language: | English |
| Published: |
2006
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/3130/ http://eprints.utm.my/3130/1/Foad-PARS062.pdf |
| Summary: | The Internet is evolving from a single best effort service to a multi-services network. The success of the Internet has increased its vulnerability to misuse and performance problems. The existence of network anomaly packets inside normal traffic can decrease QoS performance substantially. These anomalous events can provoke some changes in the QoS perceived by all users of the network, and then break the service level agreement (SLA) at the Internet service. It is hard to detect and distinguish malicious packet and legitimate packets in the traffic. The reason is behavior of Internet traffic is very far from being regular, and presents large variations in its throughput at all scales due to self-similarity, multi- fractality and long-range dependence (LRD). The aim of this paper is to analysis the impact of malicious network attacks (host and network attacks) on network second order QoS metric. The dynamic traffic behavior is characterized by LRD and Energy Invariant change. These changes in the LRD function and Energy Invariant therefore can give direction of developing more robust network anomaly detection. We use benchmark DARPA for our data testing. From the experiments we categorize the QoS impact into three categories: increase LRD, imitate LRD and decrease LRD. |
|---|