This invention relates to systems, methods, and techniques to detect anomalies in network traffic.
Networks allow computers (hosts) to communicate with each other whether over a public network, e.g., the Internet, or over private networks. For instance, many enterprises have internal networks (intranets) to handle communication throughout the enterprise. Hosts on these networks can generally have access to both public and private networks.
Managing these public and private networks is becoming increasingly costly, and the business cost of dealing with network problems is increasingly high. Managing an enterprise network involves a number of inter-related activities including establishing a topology, establishing policies for the network and monitoring network performance. Another task for managing a network is detecting and dealing with changes in the level of network traffic.