STATISTICAL TECHNIQUES FOR DETECTING TRAFFIC ANOMALIES THROUGH PACKET HEADER DATA-NET
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
electronics seminars
Active In SP
**

Posts: 694
Joined: Nov 2009
#1
13-01-2010, 07:26 AM


STATISTICAL TECHNIQUES FOR DETECTING TRAFFIC ANOMALIES THROUGH PACKET HEADER DATA-NETWORKING

Abstract: THE frequent attacks on network infrastructure, using various forms of denial of service (DoS) attacks and worms, have led to an increased need for developing techniques for analyzing and monitoring network traffic. If efficient analysis tools were available, it could become possible to detect the attacks, anomalies and take action to suppress them before they have had much time to propagate across the network. In this paper, we study the possibilities of traffic-analysis based mechanisms for attack and anomaly detection. The motivation for this work came from a need to reduce the likelihood that an attacker may hijack the campus machines to stage an attack on a third party. A campus may want to prevent or limit misuse of its machines in staging attacks, and possibly limit the liability from such attacks. In particular, we study the utility of observing packet header data of outgoing traffic, such as destination addresses, port numbers and the number of flows, in order to detect attacks/anomalies originating from the campus at the edge of a campus. Detecting anomalies/attacks close to the source allows us to limit the potential damage close to the attacking machines. Traffic monitoring close to the source may enable the network operator quicker identification of potential anomalies and allow better control of administrative domainâ„¢s resources. Attack propagation could be slowed through early detection. Our approach passively monitors network traffic at regular intervals and analyzes it to find any abnormalities in the aggregated traffic. By observing the traffic and correlating it to previous states of traffic, it may be possible to see whether the current traffic is behaving in a similar (i.e., correlated) manner. The network traffic could look different because of flash crowds, changing access patterns, infrastructure problems such as router failures, and DoS attacks. In the case of bandwidth attacks, the usage of network may be increased and abnormalities may show up in traffic volume. Flash crowds could be observed through sudden increase in traffic volume to a single destination. Sudden increase of traffic on a certain port could signify the onset of an anomaly such as worm propagation. Our approach relies on analyzing packet header data in order to provide indications of

Possible abnormalities in the traffic. .NET
Use Search at http://topicideas.net/search.php wisely To Get Information About Project Topic and Seminar ideas with report/source code along pdf and ppt presenaion
Reply
sunikavihemanth
Active In SP
**

Posts: 1
Joined: May 2010
#2
03-05-2010, 07:26 PM

please send me full report please its very urgent
please send me the report its very urgent plz
Reply
seminars on demand
Active In SP
**

Posts: 201
Joined: Jun 2010
#3
09-06-2010, 10:08 PM

Statistical Techniques for Detecting Traffic Anomalies
Through Packet Header Data


This project and implimentation aims at Creating a technique for traffic anomaly detection based on analyzing correlation of destination IP addresses in outgoing traffic at an egress router.The inspiration of this project and implimentation is to prevent a attacker to hijack the campus machines to stage an attack on a third party. The packet header data of outgoing traffic is scanned to accomplish this, such as destination addresses, port numbers and the number of flows, in order to detect attacks/anomalies originating from the campus at the edge of a campus.The Traffic monitoring close to the source may enable the network operator quicker identification of potential anomalies. early detection of the attack can reduce the Attack propagation or slow it down.
In this approach, the network traffic is passively monitored at regular intervals and is analyzed to find any abnormalities in the aggregated traffic. By correlating it to previous states of traffic, it can be determined whether the current traffic is behaving in a similar (i.e., correlated) manner. Through this flash crowds, router failures, DoS attacks, bandwidth attacks etc can be detected.

for full details, refer this doc :

.doc   Statistical Techniques for Detecting Traffic Anomalies Through Packet Header Data.doc (Size: 45 KB / Downloads: 153)
Use Search at http://topicideas.net/search.php wisely To Get Information About Project Topic and Seminar ideas with report/source code along pdf and ppt presenaion
Reply
gayathryaarabhi
Active In SP
**

Posts: 1
Joined: Sep 2010
#4
11-09-2010, 06:55 PM

can i have more information on this project and implimentation??this have been approved as my project and implimentation topic..
Reply
project report helper
Active In SP
**

Posts: 2,270
Joined: Sep 2010
#5
24-09-2010, 10:41 AM

for More Info About STATISTICAL TECHNIQUES FOR DETECTING TRAFFIC ANOMALIES THROUGH PACKET HEADER DATA-NET




ieeexplore.ieeexpls/abs_all.jsp?arnumber=4460526
Reply
projectsofme
Active In SP
**

Posts: 1,124
Joined: Jun 2010
#6
28-09-2010, 05:45 PM


.doc   Statistical Techniques for Detecting Traffic Anomalies through Packet Header Data.doc (Size: 127 KB / Downloads: 55)
Statistical Techniques for Detecting Traffic Anomalies through Packet Header Data


SCOPE OF THE POJECT:
The main aim of the project and implimentation is to reduce the traffic caused in the network while transmitting data’s using egress router and ingress router.

The frequent attacks on network infrastructure, using various forms of denial of service (DoS) attacks and worms, have led to an increased need for developing techniques for analyzing and monitoring network traffic.

If efficient analysis tools were available, it could become possible to detect the attacks, anomalies and take action to suppress them before they have had much time to propagate across the network. In this paper, we study the possibilities of traffic-analysis based mechanisms for attack and anomaly detection.

The motivation for this work came from a need to reduce the likelihood that an attacker may hijack the campus machines to stage an attack on a third party. A campus may want to prevent or limit misuse of its machines in staging attacks, and possibly limit the liability from such attacks.

In particular, we study the utility of observing packet header data of outgoing traffic, such as destination addresses, port numbers and the number of flows, in order to detect attacks/anomalies originating from the campus at the edge of a campus.

Detecting anomalies/attacks close to the source allows us to limit the potential damage close to the attacking machines. Traffic monitoring close to the source may enable the network operator quicker identification of potential anomalies and allow better control of administrative domain’s resources.


Attack propagation could be slowed through early detection. Our approach passively monitors network traffic at regular intervals and analyzes it to find any abnormalities in the aggregated traffic. By observing the traffic and correlating it to previous states of traffic, it may be possible to see whether the current traffic is behaving in a similar (i.e., correlated) manner.

The network traffic could look different because of flash crowds, changing access patterns, infrastructure problems such as router failures, and DoS attacks. In the case of bandwidth attacks, the usage of network may be increased and abnormalities may show up in traffic volume. Flash crowds could be observed through sudden increase in traffic volume to a single destination.

Sudden increase of traffic on a certain port could signify the onset of an anomaly such as worm propagation. Our approach relies on analyzing packet header data in order to provide indications of possible abnormalities in the traffic.
Our approach to detecting anomalies envisions two kinds of detection mechanisms, i.e., postmortem and real-time modes. A postmortem analysis may exploit many hours of traffic data as a single data set, employing more rigorous, resource-demanding techniques for analyzing traffic.
Reply
seminar class
Active In SP
**

Posts: 5,361
Joined: Feb 2011
#7
08-03-2011, 04:23 PM


.ppt   Statistical Techniques for Detecting Traffic Anomalies.ppt (Size: 97.5 KB / Downloads: 50)
Statistical Techniques for Detecting Traffic Anomalies Through Packet Header Data
ABSTRACT

 This project and implimentation proposes a traffic anomaly detector, operated in postmortem and in real-time, by passively monitoring packet headers of traffic. The frequent attacks on network infrastructure, using various forms of denial of service attacks, have led to an increased need for developing techniques for analyzing network traffic.
 If efficient analysis tools were available, it could become possible to detect the attacks, anomalies and to take action to contain the attacks appropriately before they have had time to propagate across the network.
 In this project and implimentation, we suggest a technique for traffic anomaly detection based on analyzing correlation of destination IP addresses in outgoing traffic at an egress router. This address correlation data are transformed using discrete wavelet transform for effective detection of anomalies through statistical analysis.
 Results from trace-driven evaluation suggest that proposed approach could provide an effective means of detecting anomalies close to the source. We also present a multidimensional indicator using the correlation of port numbers and the number of flows as a means of detecting anomalies
SYSTEM REQUIREMENTS
HARDWARE SPECIFICATION

 Processor Type : Pentium -IV
 Speed : 2.4 GHZ
 Ram : 1 GB RAM
 Hard disk : 160 GB HD
SOFTWARE SPECIFICATION
 Operating System : Win XP service Pack 2
 Programming Package : Visual Studio.NET 2008
 Front End : Asp. net, C#
 Dot net frame work : 3.5
 Server : IIS Server
EXISTING SYSTEM
 In this older system we have use the Instruction Detection system (IDS) and some of the firewalls. This is the main drawback of the system. Here also use the packet filtering and packet marking. These two are the main features in the older system. In packet filtering we can filter the packet shaped messages only. Then packet marking we cant get some special kind of messages. So these are the drawbacks of the system. Here also use the ICMP trace back messages. Here we can get the proper trace out messages.
Disadvantage:
 Due to the variations in bandwidth, latency and loss rate on different channels, link striping suffers from packet reordering thereby adversely affecting the performance of any QoS concerned applications. Hardware-based solutions often prolong transmission latency which is undesirable for delay sensitive applications and are restricted with the available buffer space on the device. So all these drawbacks we can use the new system
PROPOSED SYSTEM
 In this proposed system we use the attacker spoofs bread crumbs. Older versions we having some problems for sending the messages. Using the spoofs and crumbs we can get the messages clearly and security. Then also provide the authentication for users. This system is more efficient and security.
 Then we get the cheap digital signatures for bread crumbs. Using the digital signatures we can increase the security level of getting the messages. The client can send the request to the server then the server get the message from the server clearly. Using these above steps we can get the clear and secret messages.
 we first propose a sequence preserving scheduling (SPS) scheme to schedule packets among multiple heterogeneous communication channels assuming that the workload is perfectly divisible. We analyze the throughput and derive expressions for the batch size, scheduling time and the maximum number of channels that can be supported by the sender and receiver.
Advantage:
 Effectively schedule variable length packets for link striping, we propose a packetized sequence preserving scheduling (P-SPS) scheme by applying a combined packetized technique of deficit round robin (DRR) and surplus round robin (SRR).
MODULES
 Node creation
 Node communication
 Shortest path finding to implement
 Sender module
 Packet scheduling module
 Applying divisible load theory
 Receiver module
Reply
arunpriya
Active In SP
**

Posts: 2
Joined: Feb 2011
#8
12-03-2011, 07:08 PM

I need architecture design in statistical techniques for detecting traffic anomalies through packet header data and problem definition, modules description,reference books, websites.
Reply
arunpriya
Active In SP
**

Posts: 2
Joined: Feb 2011
#9
12-03-2011, 07:18 PM

I want problem definition, architecture design diagram, module description for login, client, ingress router, egress router, file sending;Reference books and websites.[/font]
Reply

Important Note..!

If you are not satisfied with above reply ,..Please

ASK HERE

So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page

Quick Reply
Message
Type your reply to this message here.


Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  Switching and Traffic Grooming in WDM Networks at java project topics 3 951 09-09-2016, 02:27 PM
Last Post: Dhanabhagya
  WATERMARKING RELATIONAL DATABASES USING OPTIMIZATION-BASED TECHNIQUES electronics seminars 12 8,955 13-07-2016, 04:17 PM
Last Post: jaseela123
  Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing PPT project girl 1 1,009 21-10-2015, 01:52 PM
Last Post: Guest
  Web Traffic Analyzer mechanical wiki 3 1,995 01-07-2015, 02:51 PM
Last Post: Guest
  Data Hiding in Video using Least Bit Technique seminar tips 1 576 18-10-2014, 05:40 AM
Last Post: wayan sukadana
  data mining full report project report tiger 35 199,216 03-10-2014, 04:30 AM
Last Post: kwfEXGu
  A Novel Data Embedding Method Using Adaptive Pixel Pair Matching Report project girl 4 1,853 18-09-2014, 03:49 PM
Last Post: Radhika.m
  Cooperative Provable Data Possession for Integrity Verification in Multi-Cloud Storag seminar flower 3 3,177 23-05-2014, 10:04 AM
Last Post: seminar project topic
  Detecting Anomalous Insiders in Collaborative Information Systems project girl 1 783 11-11-2013, 10:22 PM
Last Post: Guest
  online college admission system project and implimentation in asp net with code project girl 7 5,639 15-10-2013, 07:23 PM
Last Post: Guest