Distributed Traffic Anomaly Detection Method

Posted on: 2010-08-05
Degree: Master
Type: Thesis
Country: China
Candidate: Y Chen
GTID: 2208360275982984
Subject: Communication and Information System

Abstract/Summary:
With the development of computer network technology and the growth of network size, networks face more and more attacks. Anomaly detection, as a security protection system, has become an important part of the network security field. Distributed anomaly detection is one anomaly detection method; its goal is to monitor network traffic, process and analyze the traffic information, find network anomalies, and then check alarms, ensuring efficient network operation. As an important method for dealing with large-scale network attacks such as DDoS and worms, distributed anomaly detection has become a hotspot in the network security field.

This paper first introduces a cumulative-trigger distributed anomaly detection method and then discusses how to set the trigger. We improve the prediction model at the monitor side and give a reasonable formula for missed detection. We put forward a cumulative-trigger distributed anomaly detection method with traffic preprocessing. In the preprocessing stage, which is located in the monitors, the network traffic parameters are decomposed into three parts: periodic, long-term trend, and random. Only the random part is used for anomaly detection. This method can effectively minimize the interaction between the monitors and the processing center, and can effectively reduce the missed-detection rate and false alarms. The simulation showed that our cumulative-trigger distributed anomaly detection method with traffic preprocessing works effectively.

We simulate a simple network condition, use a traffic generating method at the monitor side, and then simulate different attacks at different times. For the security of the anomaly detection system itself, we introduce an identity authentication method when a monitor joins the detection system, and we introduce digital signatures for data integrity between the monitor and the coordinator. Finally, we check the cumulative-trigger distributed anomaly detection method with traffic preprocessing, giving a useful reference for the design of distributed anomaly detection in real-life networks.
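The monitor-side preprocessing described in the abstract can be sketched as follows. This is an added example, not code from the thesis: the traffic series is constructed, and the fitting method, the windowed form of the cumulative trigger, and all names and constants (`PERIOD`, `slack`, `window`, `budget`) are assumptions chosen for illustration.

```python
import math, random
from collections import deque

PERIOD = 24  # assumed: hourly samples with a daily cycle

def make_traffic(n, attack=None, seed=7):
    """Constructed series: level + long-term trend + daily cycle + bounded noise."""
    rng = random.Random(seed)
    xs = [100 + 0.5 * t + 30 * math.sin(2 * math.pi * t / PERIOD) + rng.uniform(-3, 3)
          for t in range(n)]
    for t in range(*attack) if attack else ():
        xs[t] += 40  # constructed attack: a flat surge on top of normal traffic
    return xs

def fit(train):
    """Learn trend and periodic profile from whole periods of clean traffic."""
    n = len(train) - len(train) % PERIOD
    # Samples one period apart share a phase, so their difference is pure trend.
    slope = sum(train[t + PERIOD] - train[t] for t in range(n - PERIOD)) / ((n - PERIOD) * PERIOD)
    level = sum(train[t] - slope * t for t in range(n)) / n
    profile = [0.0] * PERIOD
    for t in range(n):
        profile[t % PERIOD] += (train[t] - level - slope * t) / (n // PERIOD)
    return slope, level, profile

def residual(model, t, x):
    """Random part: what remains after removing trend and periodic parts."""
    slope, level, profile = model
    return x - level - slope * t - profile[t % PERIOD]

def cumulative_trigger(deviations, slack=10.0, window=4, budget=40.0):
    """Indices where the windowed excess over `slack` exceeds `budget`.
    Each index is one report the monitor would send to the coordinator."""
    recent, fired = deque(maxlen=window), []
    for i, d in enumerate(deviations):
        recent.append(max(0.0, abs(d) - slack))
        if sum(recent) > budget:
            fired.append(i)
            recent.clear()
    return fired

def run(attack=(200, 206), train_len=168, total=240):
    """Return report times with preprocessing and without it (raw deviation from mean)."""
    xs = make_traffic(total, attack)
    train, live = xs[:train_len], range(train_len, total)
    model, mean = fit(train), sum(xs[:train_len]) / train_len
    pre = [train_len + i for i in cumulative_trigger([residual(model, t, xs[t]) for t in live])]
    raw = [train_len + i for i in cumulative_trigger([xs[t] - mean for t in live])]
    return pre, raw
```

With the periodic and trend parts removed, the monitor reports only during the constructed surge, while the same trigger on raw deviations reports throughout the live window because the daily cycle and trend alone exceed the slack.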
Keywords/Search Tags: anomaly detection, distributed, traffic decomposition