A divergence-measure based classification method for detecting anomalies in network traffic

被引：0

作者：

Balagani, Kiran S. ^{[1
]}

Phoba, Vir V. ^{[1
]}

Kuchimanchi, Gopi K. ^{[1
]}

机构：

[1] Louisiana Tech Univ, CAM Program, Ruston, LA 71272 USA

来源：

2007 IEEE INTERNATIONAL CONFERENCE ON NETWORKING, SENSING, AND CONTROL, VOLS 1 AND 2 | 2007年

关键词：

D O I：

10.1109/ICNSC.2007.372808

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

We present 'D-CAD,' a novel divergence-measure based classification method for anomaly detection in network traffic. The D-CAD method identifies anomalies by performing classification on features drawn from software sensors that monitor network traffic. We compare the performance of the D-C-A,D method with two classifier based anomaly detection methods implemented using supervised Bayesian estimation and supervised maximum-likelihood estimation. Results show that the area under receiver operating characteristic curve (AUC) of the D-CAD method is as high as 0.9524, compared to an AUC value of 0.9102 of the supervised maximum-likelihood estimation based anomaly detection method and to an AUC value of 0.8887 of the supervised Bayesian estimation based anomaly detection method.

引用

页码：374 / 379

页数：6

共 50 条

[41] Uncovering network traffic anomalies based on their sparse distributions
CHENG GuoZhen
CHEN HongChang
CHENG DongNian
ZHANG Zhen
LAN JuLong
ScienceChina(InformationSciences), 2014, 57 (09) : 256 - 266
[42] Uncovering network traffic anomalies based on their sparse distributions
Cheng GuoZhen
Chen HongChang
Cheng DongNian
Zhang Zhen
Lan JuLong
SCIENCE CHINA-INFORMATION SCIENCES, 2014, 57 (09) : 1 - 11
[43] Detecting Anomalies at a TLD Name Server Based on DNS Traffic Predictions
Madariaga, Diego
Madariaga, Javier
Panza, Martin
Bustos-Jimenez, Javier
Bustos, Benjamin
IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, 2021, 18 (01): : 1016 - 1030
[44] Real-time detection method for network traffic anomalies
Zou, Bai-Xian
Jisuanji Xuebao/Chinese Journal of Computers, 2003, 26 (08): : 940 - 947
[45] An information-theoretic method for the detection of anomalies in network traffic
Callegari, Christian
Giordano, Stefano
Pagano, Michele
COMPUTERS & SECURITY, 2017, 70 : 351 - 365
[46] Classification of MPEG Video Data Using Centroid Neural Network with Divergence Measure
Park, Dong-Chul
Woo, Dong-Min
THIRD INTERNATIONAL CONFERENCE ON MULTIMEDIA AND UBIQUITOUS ENGINEERING (MUE 2009), 2009, : 109 - 113
[47] Entropy-based Network Traffic Anomaly Classification Method Resilient to Deception
Ibrahim, Juma
Gajin, Slavko
COMPUTER SCIENCE AND INFORMATION SYSTEMS, 2022, 19 (01) : 87 - 116
[48] A network traffic classification method based on quintuple feature and regular expression matching
Qiao, Shujuan
Zhou, Yi
Zhou, Leiyue
Zheng, Liancheng
PROCEEDINGS OF THE 4TH INTERNATIONAL CONFERENCE ON MECHATRONICS, MATERIALS, CHEMISTRY AND COMPUTER ENGINEERING 2015 (ICMMCCE 2015), 2015, 39 : 2292 - 2297
[49] A Efficient Network Traffic Classification Method based on Combined Feature Dimensionality Reduction
Geng, Ye
Cai, Saihua
Qin, Songling
Chen, Haibo
Yin, Shang
2021 21ST INTERNATIONAL CONFERENCE ON SOFTWARE QUALITY, RELIABILITY AND SECURITY COMPANION (QRS-C 2021), 2021, : 407 - 414
[50] Detecting anomalies from big network traffic data using an adaptive detection approach
Zhang, Ji
Li, Hongzhou
Gao, Qigang
Wang, Hai
Luo, Yonglong
INFORMATION SCIENCES, 2015, 318 : 91 - 110

← 1 2 3 4 5 →