Scheme to Exploit Hierarchical Data in Network Traffic Analysis
Abstract
► There is a significant need to improve existing techniques for
clustering multivariate network traffic flow records and to
quickly infer underlying traffic patterns.
► We investigate the use of clustering techniques to identify
interesting traffic patterns from network traffic data in an
efficient manner.
► A framework is developed to deal with mixed type
attributes including numerical, categorical, and hierarchical
attributes.
► We demonstrate the improved accuracy and efficiency of
our approach in clustering network traffic.
Existing System
Categorization-based network monitoring (AutoFocus) techniques
Traffic matrix
Traffic volume
Traffic dynamics
Traffic mixture
Disadvantages
► It does not have hierarchical classification
► A DoS attacker cannot be found
► No notification of any violation
Proposed System
► Hierarchical, distance-based clustering scheme
(Echidna).
► To summarize the main types of traffic flows that
are observed in a network.
► Introduction of a new distance measure for
hierarchically structured attributes such as IP
addresses and a set of heuristics.
► Summarize and compress reports of significant
traffic clusters from a hierarchical clustering
algorithm.
Advantages
► It has system-based hierarchical classification
► Efficient network traffic monitoring
► Inference of underlying patterns for multivariate
traffic flows
► It identifies DoS attacks
Requirement Analysis
► SOFTWARE REQUIREMENTS:-
► Java 1.3 or later
► Java Swing – front end
► SQL – back end
► Windows 98 or later
► HARDWARE REQUIREMENTS:-
► Hard disk : 40 GB
► RAM : 265 MB or more
► Processor : Pentium III processor or better
Modules
► Tree construction
► Traffic analysis
► System classification
► Network management
Modules Description
Tree construction
In this module we construct a tree-based topology of individual nodes.
The tree consists of a number of nodes in hierarchical order, i.e. a
root node, parent nodes and child nodes. Messages are transmitted over
this topology. We cluster the tree topology based on the hierarchy
level. Each node's IP address, port and cluster-level details are
collected and maintained in the network monitoring system.
Traffic analysis
In this module we analyze the traffic and classify it according to its
attributes. An initial analysis of the overall network traffic is
performed, and the traffic attributes are classified into 3 types:
numerical data, categorical data and hierarchical data. Source IP and
destination IP are hierarchical attributes, the byte details are
numerical attributes, and the protocol type and message type are
categorical attributes.
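The attribute split above can be turned into a single flow-to-flow distance. The following is an added example, not code from these slides or from Echidna: the prefix-based IP distance, the equal attribute weights, `BYTE_RANGE`, the threshold, the field names and the simple leader clustering are all assumptions made for illustration, and the flow records are constructed.

```python
import ipaddress
from collections import namedtuple

# Constructed sample flow records; field names are assumptions of this example.
Flow = namedtuple("Flow", "src dst nbytes proto msg")
FLOWS = [
    Flow("10.1.1.5",   "192.168.5.10", 60,   "TCP", "SYN"),
    Flow("10.1.1.77",  "192.168.5.10", 60,   "TCP", "SYN"),
    Flow("10.1.1.200", "192.168.5.10", 64,   "TCP", "SYN"),
    Flow("172.16.9.3", "192.168.5.20", 1400, "UDP", "DATA"),
    Flow("172.16.9.4", "192.168.5.21", 1300, "UDP", "DATA"),
]
BYTE_RANGE = 1500  # assumed normalisation range for the numerical attribute

def common_prefix_len(a, b):
    """Leading bits shared by two IPv4 addresses (0..32)."""
    diff = int(ipaddress.IPv4Address(a)) ^ int(ipaddress.IPv4Address(b))
    return 32 - diff.bit_length()

def hier_dist(a, b):
    # Hierarchical: the deeper the shared prefix in the address tree, the closer.
    return 1.0 - common_prefix_len(a, b) / 32

def flow_distance(f, g):
    """Mean of per-attribute distances, each scaled to [0, 1]."""
    parts = [
        hier_dist(f.src, g.src),
        hier_dist(f.dst, g.dst),
        min(abs(f.nbytes - g.nbytes) / BYTE_RANGE, 1.0),  # numerical
        float(f.proto != g.proto),                        # categorical
        float(f.msg != g.msg),                            # categorical
    ]
    return sum(parts) / len(parts)

def cluster(flows, threshold=0.2):
    """Leader clustering: join the nearest leader within threshold, else start a cluster."""
    clusters = []
    for f in flows:
        best = min(clusters, key=lambda c: flow_distance(c[0], f), default=None)
        if best is not None and flow_distance(best[0], f) <= threshold:
            best.append(f)
        else:
            clusters.append([f])
    return clusters

def summarize_src(members):
    """Smallest CIDR block covering every source address in a cluster."""
    bits = min((common_prefix_len(members[0].src, m.src) for m in members[1:]), default=32)
    return str(ipaddress.ip_network(f"{members[0].src}/{bits}", strict=False))

if __name__ == "__main__":
    for c in cluster(FLOWS):
        print(len(c), "flows from", summarize_src(c), "->", c[0].dst, c[0].proto, c[0].msg)
```

On the constructed input, the three small TCP SYN flows collapse into one cluster summarized as a single source prefix, which is the kind of compressed report a monitoring operator would review for a possible DoS source range.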
System classification
In this module we classify the systems in the network based on their
cluster hierarchy. This is done using hierarchical data. If traffic
occurs in the network, the monitoring system finds the attacker
system by using this system classification. Source IP and port details
identify the attacker system within the network. Data classification
is done based on the system classification.
Network management
In this module we analyze the traffic flow in the network. The flow of
data and the usage level of each node are monitored. Nodes are
classified by usage and placed in the corresponding table. The
higher-usage and lower-usage systems are marked.
If traffic occurs in the network, the management system sends a
warning message to the attacker system and also discards the DoS
attacker's excess packets.
Architecture Diagram
[Figure: tree topology with a Root node and nodes N3, N4, N5, N6]
Data Flow diagram:
[Figure: Send the packets → Hierarchical, categorical, numerical classification → Receiver receives the data]