| Today, the number of Internet services is continuously increasing, along with the number of Internet users. The reliability and security of these services have become more and more important. NetFlow-based detection of abnormal traffic is proposed to detect attacks and to provide Internet users with a solid and reliable network. NetFlow is a technology from Cisco Systems that is used to accelerate data switching in network equipment. It has powerful data collection and analysis capabilities and is becoming the foremost standard for IP/MPLS traffic flow, and it is widely applied in the network management field. Many NetFlow-based techniques exist to analyse traffic flows and to provide accounting and billing information for network services. It has been applied to monitor the behavior of network users, traffic flows, and the usage of network services. This work uses the Inner Mongolia Agricultural University campus as a test environment and the NetFlow protocol as its basis. It uses the open-source collection and analysis software flow-tools, combined with MySQL, to collect, analyse, and store NetFlow data streams, and uses Apache + PHP + MySQL for chart display, in order to design a fairly complete anomaly traffic detection system based on NetFlow. This article describes the design and implementation steps of the anomaly traffic detection system from both theory and practice. The system consists of a data collection module, a data analysis module, a data storage module, and a data display module. The router is configured to export data, and the flow-capture program of flow-tools collects it. Next, a large amount of NetFlow data is first analysed for abnormal behavior and an anomaly detection model is set up; the flow-print program and the Perl language are then used to filter and aggregate the NetFlow data; the anomaly detection model is then used to analyse whether abnormal behavior has occurred, and the data showing abnormal behavior is written to the MySQL database.
Finally, PHP is used to show the abnormal-behavior data in charts, making it available to the network administrator for further treatment. |
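The filter, aggregate, and detect stage described above can be sketched as follows. This is an added example, not code from the system the abstract describes, and it is written in Python rather than the Perl that system uses. The detection rule and its thresholds (`min_dsts`, `max_avg_packets`) are assumptions, since the abstract does not specify the anomaly model, and the sample records are constructed in the column layout of flow-print's default output.

```python
from collections import defaultdict

# Constructed flow records in the column layout of flow-print's default output:
# srcIP dstIP prot srcPort dstPort octets packets. Not real campus data.
HEADER = "srcIP dstIP prot srcPort dstPort octets packets"
NORMAL = [
    "10.0.0.5 192.0.2.10 6 51000 80 48210 40",
    "10.0.0.5 192.0.2.11 6 51001 443 9120 12",
    "10.0.0.7 192.0.2.10 17 53000 53 180 2",
]
# One host sending single-packet flows to 30 different addresses on port 445.
SCAN = [f"10.0.0.9 198.51.100.{i} 6 {40000 + i} 445 48 1" for i in range(1, 31)]
SAMPLE = "\n".join([HEADER, *NORMAL, "truncated line", *SCAN])


def parse_flows(text):
    """Yield one dict per well-formed record; skip the header and bad lines."""
    for line in text.splitlines():
        f = line.split()
        if len(f) != 7 or not (f[5].isdigit() and f[6].isdigit()):
            continue
        yield {"src": f[0], "dst": f[1], "octets": int(f[5]), "packets": int(f[6])}


def aggregate(flows):
    """Per-source totals: flow count, octets, packets, distinct destinations."""
    stats = defaultdict(lambda: {"flows": 0, "octets": 0, "packets": 0, "dsts": set()})
    for fl in flows:
        s = stats[fl["src"]]
        s["flows"] += 1
        s["octets"] += fl["octets"]
        s["packets"] += fl["packets"]
        s["dsts"].add(fl["dst"])
    return stats


def detect(stats, min_dsts=20, max_avg_packets=3.0):
    """Assumed rule: many distinct destinations with very few packets per flow."""
    rows = []
    for src, s in sorted(stats.items()):
        if len(s["dsts"]) >= min_dsts and s["packets"] / s["flows"] <= max_avg_packets:
            rows.append((src, s["flows"], len(s["dsts"]), s["octets"]))
    return rows  # one tuple per flagged source, shaped for a database insert


if __name__ == "__main__":
    for row in detect(aggregate(parse_flows(SAMPLE))):
        print(row)
```

Each returned tuple is (source, flow count, distinct destinations, octets), which is the kind of row the storage module would write to the database for later charting.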