Uncovering network traffic anomalies based on their sparse distributions

Cited by: 0
Authors
CHENG GuoZhen [1]
CHEN HongChang [1]
CHENG DongNian [1]
ZHANG Zhen [1]
LAN JuLong [1]
Affiliation
[1] National Digital Switching System Engineering and Technological Research Center
Funding
National Natural Science Foundation of China;
Keywords
anomaly detection; feature filtering; multi-resolution analysis; sparse distribution;
DOI
Not available
Chinese Library Classification (CLC) number
TP393.06
Discipline classification code
081201; 1201
Abstract
Characterizing network traffic with higher-dimensional features results in increased complexity of most detectors and classifiers for identifying traffic anomalies. Several key observations from existing studies confirm that network anomalies are typically distributed in a sparse way, with each anomaly essentially characterized by its lower-dimensional features. Based on this important finding, we exploit sparsity in designing a novel detection method for anomalies that ignores redundancies that are dynamically filtered from the feature sets and accurately classifies anomalies. Comparison of our method with three well-known techniques shows a 10% improvement in accuracy with an O(n) complexity of the classifier.
Pages: 256-266
Number of pages: 11
Related papers
50 in total
  • [1] Uncovering network traffic anomalies based on their sparse distributions
    Cheng GuoZhen
    Chen HongChang
    Cheng DongNian
    Zhang Zhen
    Lan JuLong
    [J]. SCIENCE CHINA-INFORMATION SCIENCES, 2014, 57 (09) : 1 - 11
  • [2] Uncovering network traffic anomalies based on their sparse distributions
    GuoZhen Cheng
    HongChang Chen
    DongNian Cheng
    Zhen Zhang
    JuLong Lan
    [J]. Science China Information Sciences, 2014, 57 : 1 - 11
  • [3] Poster: Learning distributions to detect anomalies using all the network traffic
    Dietmuller, Alexander
    Fragkouli, Georgia
    Vanbever, Laurent
    [J]. PROCEEDINGS OF THE 2023 ACM SIGCOMM 2023 CONFERENCE, SIGCOMM 2023, 2023, : 1108 - 1110
  • [4] Anomalies in Network Traffic
    Ratner, Alan S.
    Kelly, Phillip
    [J]. 2013 IEEE INTERNATIONAL CONFERENCE ON INTELLIGENCE AND SECURITY INFORMATICS: BIG DATA, EMERGENT THREATS, AND DECISION-MAKING IN SECURITY INFORMATICS, 2013, : 206 - 208
  • [5] Anomaly Detection of Hostile Traffic Based on Network Traffic Distributions
    Kang, Koohong
    [J]. INFORMATION NETWORKING: TOWARDS UBIQUITOUS NETWORKING AND SERVICES, 2008, 5200 : 781 - 790
  • [6] Mining anomalies using traffic feature distributions
    Lakhina, A
    Crovella, M
    Diot, C
    [J]. ACM SIGCOMM COMPUTER COMMUNICATION REVIEW, 2005, 35 (04) : 217 - 228
  • [7] A Taxonomy of Anomalies in Backbone Network Traffic
    Mazel, Johan
    Fontugne, Romain
    Fukuda, Kensuke
    [J]. 2014 INTERNATIONAL WIRELESS COMMUNICATIONS AND MOBILE COMPUTING CONFERENCE (IWCMC), 2014, : 30 - 36
  • [8] Characteristics of network traffic flow anomalies
    Barford, P
    Plonka, D
    [J]. IMW 2001: PROCEEDINGS OF THE FIRST ACM SIGCOMM INTERNET MEASUREMENT WORKSHOP, 2001, : 69 - 73
  • [9] Risk Leveling of Network Traffic Anomalies
    Isaksson, Charlie
    Meng, Yu
    Dunham, Margaret H.
    [J]. INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2006, 6 (06) : 258 - 265
  • [10] Automated Classification of Network Traffic Anomalies
    Fernandes, Guilherme
    Owezarski, Philippe
    [J]. SECURITY AND PRIVACY IN COMMUNICATION NETWORKS, 2009, 19 : 91 - 100