Research And Implementation Of NetFlow-based Network Traffic Analysis And Abnormal Traffic Detection System

Today, the number of Internet services is continuous increasing, along with the Internet users. The reliability and security of these services have become more and more important. 'Flow' based detection of abnormal traffic is proposed to detect the attack and to provide Internet users a solid and reliable network.NetFlow makes it easier to get 'Flow' information from large scale network. More and more famous networking companies have started to support NetFlow. How to use NetFlow to analyze the network status becomes a new research direction of network management.Two suites of well-known NetFlow-based tools are used widely by network adinistrators all over the world.But both of them are complicated to set up and unreliable when the traffic grows huge. And the users have to be experts on both NetFlow and the tool itself.How to make it easy to analyze traffic and to detect abnormal traffic becomes the main research direction.Each attack or abnormal traffic has its own characteristic. Based on this issue, a solution of detection of network abnormal traffic is proposed.How this solution is implemented is described at last. Distributed architecture is used in this NetFlow based network management system to increase the reliability in case that it is using on a busy network. The system is used by network administrator to manage the whole campus traffic and to alarm when the abnormal traffic happens. At the mean time it doesn't need the network administrator to be a NetFlow expert...