Anomaly Detection in Network Traffic: A Statistical Approach

A global Internet usage enlarge rate of 380% superior than the period from 2000, the year of the dot-com bubble burst, until present select that Internet technology has become a stand of our daily life. In the similar period, cyber-crime has seen an unbelievable to facilitate to create sophisticated protection device for computers and networks a complete necessity. Firewalls as the major protection of the final decade do not give adequate protection anymore. This information has given increase to the expansion of intrusion detection and prevention systems. usual intrusion detection systems are hasty in the sense that they use a set of signatures, which lift at the same rate as new technique are exposed, to identify malicious traffic patterns. Anomaly detection systems are one more branch of intrusion detection systems that operate more proactively. They get a model of the normal system presentation and issue alerts whenever the behavior changes; making a suitable assumption that such changes are frequently caused by malicious or disrupting events. Anomaly detection has been a ground of comprehensive research over the last years as it pretense several challenging problems. In this Paper we present a statistical approach to analysis the allocation of network traffic to recognize the normal network traffic behavior. The Research proposals in anomaly detection naturally follow a fourstage approach, in which the initial three stages define the detection method, while the final stage is dedicated to authenticate the approach method to detect anomalies in network traffic, based on a α -stable model and statistical hypothesis testing. Here we focus on detecting and preventing two anomaly types, namely floods and flash-crowd .Here we use NS2 simulator to calculate result. 1.