| 发明名称 |
DETECTING NETWORK TRAFFIC ANOMALIES IN A COMMUNICATION NETWORK |
| 摘要 |
<p>For detecting network traffic anomalies in a communication network, determined (S1) at defined time intervals is network traffic data associated with network entities of the communication network. For the time intervals, calculated (S2) in each case are Tsallis entropy values for a plurality of entropy moments based on the network traffic data, the entropy moments being defined by Tsallis entropy parameters q. The network traffic anomalies are detected (S3) based on divergence of the Tsallis entropy values associated with the plurality of entropy moments from reference values. By exploring not one but a plurality of different entropy moments, a generalized form of entropy is used to capture more elaborately changes in network traffic, because the distribution of activity is not reduced to a single number, and thus, important information, such as the nature of the change, is not deleted, and an increased quantity of anomalies is detected.</p> |
| 申请公布号 |
WO2010105843(A1) |
申请公布日期 |
2010.09.23 |
| 申请号 |
WO2010EP01743 |
申请日期 |
2010.03.19 |
| 申请人 |
ETH ZURICH;TELLENBACH, BERNHARD;SORNETTE, DIDIER;MAILLART, THOMAS;BURKHART, MARTIN |
发明人 |
TELLENBACH, BERNHARD;SORNETTE, DIDIER;MAILLART, THOMAS;BURKHART, MARTIN |
| 分类号 |
H04L12/24;H04L12/26;H04L29/06 |
主分类号 |
H04L12/24 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
