The Study of Traffic Flow Anomalies in a LAN

  • Janusz Kolbusz
  • Janusz Korniak
Conference paper
Part of the Advances in Intelligent and Soft Computing book series (AINSC, volume 102)


In the paper self-similarity of traffic flows in local area network is compared in the normal operation environment and in the presence of malicious traffic like attacks, virus activity and spam. The Hurst parameter has been used in this comparison. The results shows that this parameter is changing when malicious traffic is added to normal traffic. Therefore it has been concluded that this method can be used to detect malicious traffic in local are networks.


Intrusion Detection Intrusion Detection System Hurst Parameter Network Intrusion Detection Dictionary Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Cheema, F.M., Akram, A., Iqbal, Z.: Comparative Evaluation of Header vs. Payload based Network Anomaly Detectors. In: Proceedings of the World congress on Engineering, London, U.K., vol. 1, pp. 1–5 (2009)Google Scholar
  2. 2.
    Farid, D., Rahman, M.Z.: Anomaly Network Intrusion Detection Based on Improved Self Adaptive Bayesian Algorithm. Journal of computers 5(1), 23–31 (2010)CrossRefGoogle Scholar
  3. 3.
    Zhang, J., Zulkernine, M., Haque, A.: Random-Forests-Based Network Intrusion Detection Systems. IEEE Transactions on Systems, Man, and Cybernetics 38, 649–659 (2008)CrossRefGoogle Scholar
  4. 4.
    Stoev, S., Taqqu, M.S., Park, C., Marron, J.S.: On the wavelet spectrum diagnostic for Hurst parameter estimation in the analysis of Internet traffic. Computer Networks: The International Journal of Computer and Telecommunications Networking 48(3), 423–445 (2005)Google Scholar
  5. 5.
    Willinger, W., Paxson, V., Riedi, R., Taqqu, M.: Long-Range Dependence and Data Network Traffic. In: Doukhan, P., Oppenheim, G., Taqqu, M. (eds.) Theory and Applications of Long-Range Dependence, Birkhäuser, Boston, pp. 373–407 (2002)Google Scholar
  6. 6.
    Kettani, H., Gubner, J.A.: Novel Approach to the Estimation of the Hurst Parameter in Self-Similar Traffic. In: IEEE Conference on Local Computer Networks (LCN 2002), pp. 1–6 (2002)Google Scholar
  7. 7.
    Popescu, A.: Traffic Self-Similarity. In: IEEE International Conference on Telecommunications, ICT 2001, Bucharest, Romania, pp. 20–24 (2001)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Janusz Kolbusz
    • 1
  • Janusz Korniak
    • 1
  1. 1.University of IT and ManagementRzeszowPoland

Personalised recommendations