Based On Network Traffic Distributed Abnormal Localization Method

In these years, with the rapid global development of networks, the kind and the quantity of the traffic are growing day by day. The situation of network security is grim. There are network traffic anomalies in most of network security events. They will expend the bandwidth, then the network will be congested, and the packets will get lost, the delay will become larger. The network can even become unavailable. The network traffic anomalies will expend the resources of network devices, and the legality quests cannot be responded. So detection and location of anomalous traffic are becoming a topic of concern.At first, this paper summarizes the network traffic anomaly and anomaly location, introduces several kinds of technologies of anomaly detection, analyses their advantages and disadvantages, and introduces the development trends. Then this paper introduces the anomaly location, points out the aim of anomaly location, introduces the research actuality and the problem of network traffic anomaly detection and anomaly location, then propose some research clews in this paper.This paper introduces a cumulative distributed anomaly detection system. After research and ameliorating the way of setting the queue length limit of the monitor, the system can get a balance between detection accuracy and communication overhead.When the network traffic anomaly appeared, network traffic anomaly location is needed to make a response quickly and accurately. We put forward a distributed anomaly location scheme based on network traffic. Using distributed abnormal detection system for multipoint detection. With the difference of detection results of different detection points, the attack flows can be located. Due to its simplicity, our scheme could be deployed in complex networks. Experimental results with real-life network traffic data sets demonstrate that our scheme can locate the link where the attack flows are exactly.At last, based on the cumulative distributed anomaly detection system, we develop an abnormal location system with multipoint joined abnormal detection system. There are three layers in its configuration. Use the distributed network anomaly location scheme to locate the network traffic anomaly. The simulations prove the system effectively.