Detecting Traffic Anomalies in Network through Packet Header Data

Abstract

The paper proposes how to detect network traffic anomalies through packet header data. In this the system needs to observe the growth rate of the traffic over the network through analysing the packet size and to study the traffic in network through the data that aggregates into flows having unique source/destination IP and port. The paper suggests a technique for traffic anomaly detection by analysing correlation of destination IP addresses in outgoing traffic and proposes a traffic anomaly detector that has been operated by passively monitoring packet headers of traffic. Results from evaluation suggests that the paper proposes the approach that could provide an effective means of detecting traffic anomalies in network close to the source.