Study On The Methods For Detecting And Forcasting Computer Network Traffic Anomalies

With the increasing number of users in the computer network of NingXia Electric Power Communication Corporation and the rapid development of internet, the current computer network capacity and business models can't meet up with the users' demands. What's more, with the development of Basic Assembler Network, the ads12/ads12+ which support Broadband Romate Access are widelspreadly used, and special-line access are used by a group of corporations. In order to supply the users with high speedly and credible broad band access, manage the defferent kinds of users effectively so that they can use the net resource reasonablely, keep up with the application of internet, NingXia Electric Power Communication Corporation plans to change the current broad band access network especially alternate the centeral equipments, which also ensure this computer network accesses safely, workes more steadily and mor crediblely.However, the scale and complexity are increasing and the heterogeneous is much higher than before. On the other hand, users advance higher request about network service, which makes the management of networks become more difficult. Consequently, it is difficult to detect anomalies accurately in real-time network management, which becomes an important research problem. The anomaly detection of network traffic is the key point in anomaly management for computer network. Traffic anomalies can significantly disrupt and degrade network service. Therefore, making real-time monitor and management and finding out anomaly for network traffic has significant meanings in improving both robust and available for computer network.At first, this paper introduces the survey and technologies of anomaly detection. Then analyses and evaluates are discussed for common anomaly detection algorithms.For non-stationary traffic, a general method is proposed based on a separation of the non-stationary traffic into disjoint components corresponding to normal and anomalous network conditions. This separation can be performed effectively by both marginal distribution and residuals analysis of parameters for anomalous component. Experimental result shows the method can deal with non-stationary traffic data, so anomaly detection of real network traffic is implemented.In addtion, a framework of anomaly detection in large-scale networks is proposed. As an example, IP Forwarding anomaly detection is analyzed. A simple, robust method is proposed that relies on high-resolution measurements and on-line analysis of network traffic to provide real-time alarms in the incipient phase of network anomalies. The anomaly identification algorithms based on behavior model using path changes, flow shift and packet delay variance.Finally, base on the current state and the future trend of NingXia Electric Power Communication Corporation, we want to foresee the development of internet safety and the application of computer network traffic anomalies.