Journal of Computer Networks and Communications

Research Article

Usage of Modified Holt-Winters Method in the Anomaly Detection of Network Traffic: Case Studies

Table 1

Parameters of the HWT2 model for particular types of traffic.
NetworkProtocolAlphaBetaGammaDeltaMAE/MNumber of gamma alertsNumber of delta alertsNumber of gamma and delta alertsNumber of Brutlag’s Holt Winters alerts
T3TCP0,9994970,002240,4870920,4923914,11%0001052
T3 UDP0,8873820,0079490,006263015,45%141320567171377
T3 ICMP0,9995010,0047890,4870930,4923978,69%000944
W1TCP0,9686180,0050050,0026870,0051345,92%91821937141070
W1 UDP0,9975410,00129100,1530,19%2743135810473293
W1 ICMP0,84330,00248600,231,27%274325041687 3247
T2TCP0,9993850,004490,6161950,4995874, 20%0001014
T2UDP0,8840390,0007713,54E−05015,87%4562468528064562
T2ICMP10,0064880,50,58,53%0001174
Source: own research.