Title: Efficient Network Monitoring for Large Networks
Other Titles: Department of Information Management
Authors: Chen, Chia-Mei; Wei, Chuan-Pi
Keywords: network monitoring; flow profiling; Denial of Service attack; worm propagation
Issue Date: 12-11-2008
Abstract: Denial-of-Service (DoS) attacks have become a major threat to the Internet. A network anomaly may be a sign of a possible attack. Network administrators seek an efficient, scalable, real-time solution for monitoring a large, heavy-traffic network and detecting network anomalies efficiently; otherwise the network might not be able to operate properly. The collected data might sometimes be either too coarse to detect anomalies or too detailed to finish processing in real time. SNMP-based network monitoring collects coarse information that is not enough to detect the problem, while packet-sniffing-based monitoring retains very detailed contents and affects network performance, especially in large networks. A network flow is defined as a unidirectional sequence of packets between given source and destination network endpoints. Flow information might be the balance between the above two approaches. We propose a network monitoring mechanism for large networks, based on flow information, which can manage a large network efficiently in real time. Based on simulation with real network traffic, the proposed solution can efficiently monitor a large network and detect Denial of Service (DoS) attacks, port scans, and worm propagation. The results show that it is significantly helpful for network administrators of large networks.
Appears in Collections: Journal of Computers, Volume 18

Files in This Item:

File: JOC_18_4_8.pdf
Size: 820.53 kB
Format: Adobe PDF
