TADOOP: Mining network traffic anomalies with Hadoop

Abstract

Today, various anomalies and a large number of flows in a network make traffic anomaly detection a big challenge. In this paper, we propose DTE-FP (Dual q Tsallis Entropy for flow Feature with Properties), a more efficient method for traffic anomaly detection. To handle a huge amount of traffic, based on Hadoop, we implement a network traffic anomaly detection system named TADOOP, which supports semiautomatic training and both offline and online traffic anomaly detection. TADOOP with a cluster of five servers has been deployed in the Tsinghua University Campus Network. Furthermore, we compare DTE-FP with Tsallis entropy, and the experimental results show that DTE-FP has much better detection capability than Tsallis entropy.

Cite

Tian, G., Wang, Z., Yin, X., Li, Z., Shi, X., Lu, Z., … Wu, D. (2015). TADOOP: Mining network traffic anomalies with Hadoop. In Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST (Vol. 164, pp. 175–192). Springer Verlag. https://doi.org/10.1007/978-3-319-28865-9_10
