Abstract

In recent years, with the increase of the scale and the complexity of the network, various abnormity flows begin to occur in the network. To know the running state of the network, the technology of NetFlow emerges as the times require. The NetFlow data are transmitted directly by the router which supports the function of NetFlow. Comparing with traditional data acquirement technology, the NetFlow technology needs not deployment in advance and acquires data conveniently, and it is gradually turning into the important data sources for the network management, maintenance, supervision and control. At present, there are still few abnormity detection methods based on the NetFlow data set. In this article, we introduced the principle and functions of the NetFlow, and put forward the TOPN flow abnormity detection method based on the NetFlow technology. This method can effectively detect the flow state in the network, reflect the network state and offer the information about abnormal network flows.

This work is licensed under a Creative Commons Attribution 4.0 License.