| In recent years, with the rapid development of the Internet and its far-ranging applications, the Internet has become the indispensable tools in our daily life. Because of the openness of the IP network environment, and also the lack for the comprehensive consideration on security of IPv4 when it was designed, so the situation of IP network security is very grim in nowadays. Coming along with the normal traffic, mixed anomaly also appears, and its appearance has influenced the normal traffic of the network. To detect and manage anomaly has become an important daily work in network management.This thesis focuses on the network anomaly detecting technology in campus network. And a method which based on wavelet technique and wavelet novel theory is put forward to detect network anomaly after analyzing network traffic's characteristics. We decompose the network traffic to different frequencies by using flow, packet and byte. Through analyzing wavelet coefficient we can judge whether network anomalies are taking place.Aiming at network anomalies produced by portscan and Denial of Service (DoS) attacks, the thesis also put forward one quantitative detecting method---wavelet variation method. We had evaluated various wavelet functions with this method for their effectiveness at detecting different kinds of anomalies, and found more ideal wavelet functions. |
PDF Full Text Request