| In recent years, the scale of Internet is rapidly growing. The needs of mobile operators’data storage, analysis and detection have been one of most important issues. Up to now, there are a number of studies for detecting anomaly network traffic. However, detection studies for big data in distributed real-time computation system are limited to batch processing, for example Hadoop platform. It is not actively being made based on Storm. Thus, this thesis presents for detecting anomaly mobile network traffic based on dynamic k-NN cumulative-distance abnormal detection algo-rithm. All experiments are conducted under control of our proposed platform for anomaly network traffic detection system on Storm. And our experimental results show that our system performs well in finding abnormal point realtimely。This thesis firstly introduces the classification of network traffic, including network traffic anomaly, especially the classification of DDoS attacks, and DDoS attacks attack methods in common use and research status.Then, based on the existing detection methods, according to the mas-sive data environment and existing RawFlow data characteris-tics, this thesis uses for real-time monitoring system of traffic anomaly detec-tion algorithm of dynamic k-NN algorithm based on the cumulative distance.Then, this thesis makes a study of designing real time monitoring system for Internet flow. Each component has a detailed system. Through the study of these components, this thesis solves some important prob-lems of network traffic monitoring in mass data environment.Finally, this thesis analyses abnormal network traffic based on results detected by real-time monitoring system for example flow. |
PDF Full Text Request