Today, various anomalies and the large number of flows in a network make traffic anomaly detection a big challenge. In this paper, we propose DTE-FP (Dual q Tsallis Entropy for flow Feature with Properties), a more efficient method for traffic anomaly detection. To handle the huge amount of traffic, we implement a Hadoop-based network traffic anomaly detection system named TADOOP, which supports semiautomatic training and both offline and online traffic anomaly detection. TADOOP, with a cluster of five servers, has been deployed in the Tsinghua University Campus Network. Furthermore, we compare DTE-FP with Tsallis entropy, and the experimental results show that DTE-FP has much better detection capability than Tsallis entropy.
CITATION STYLE
Tian, G., Wang, Z., Yin, X., Li, Z., Shi, X., Lu, Z., … Wu, D. (2015). TADOOP: Mining network traffic anomalies with Hadoop. In Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST (Vol. 164, pp. 175–192). Springer Verlag. https://doi.org/10.1007/978-3-319-28865-9_10