Network Attack Traffic Detection using Seed based Sequential Grouping Model

Along with the development of high-speed Internet and smart devices, various attack methods were emerged, and attack traffic has also changed into various and complex forms. In order to provide reliable services and efficient management of network resources, it is essential to detect and analyze the attack traffic. While various application and attack traffic detection or classification methods have been studied, but signature-based methods are still mainstream of the most. In this paper, we propose the seed based sequential grouping model for attack traffic detection. Model consists of two main indices, which are similarity and connectivity index. In addition to model, we define the set of optimal thresholds of each index by using our balancing algorithm and define it as Guideline. By applying the proposed model to the actual attack traffic, we demonstrate that the model has high detection accuracy and completeness.