The need for simulation in evaluating anomaly detectors

被引:31
|
作者
Ringberg, Haakon [1 ]
Roughan, Matthew [2 ]
Rexford, Jennifer [1 ]
机构
[1] Princeton Univ, Princeton, NJ 08544 USA
[2] Univ Adelaide, Adelaide, SA 5005, Australia
来源
ACM SIGCOMM COMPUTER COMMUNICATION REVIEW | 2008年 / 38卷 / 01期
关键词
experimentation; performance; measurement;
D O I
10.1145/1341431.1341443
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Anomalous events that affect the performance of networks are a fact of life. It is therefore not surprising that recent years have seen an explosion in research on network anomaly detection. What is quite surprising, however, is the lack of controlled evaluation of these detectors. In this paper we argue that there are numerous important questions regarding the effectiveness of anomaly detectors that cannot be answered by the evaluation techniques employed today. We present four central requirements of a rigorous evaluation that can only be met by simulating both the anomaly and its surrounding environment. While simulation is necessary, it is not sufficient. We therefore present an outline of an evaluation methodology that leverages both simulation and traces from operational networks.
引用
收藏
页码:55 / 59
页数:5
相关论文
共 50 条
  • [1] DRACE: A Framework for Evaluating Anomaly Detectors for Industrial Control Systems
    Christian, Ivan
    Furtado, Francisco
    Mathur, Aditya P.
    PROCEEDINGS OF THE 10TH ACM CYBER-PHYSICAL SYSTEM SECURITY WORKSHOP, ACM CPSS 2024, 2024, : 77 - 87
  • [2] A Methodology for Evaluating the Robustness of Anomaly Detectors to Adversarial Attacks in Industrial Scenarios
    Perales Gomez, Angel Luis
    Fernandez Maimo, Lorenzo
    Garcia Clemente, Felix J.
    Maroto Morales, Javier Alejandro
    Huertas Celdran, Alberto
    Bovet, Gerome
    IEEE ACCESS, 2022, 10 : 124582 - 124594
  • [3] ANOMALY IN RESPONSE OF SEMICONDUCTOR DETECTORS
    DODGE, WR
    DOMEN, SR
    HOPPES, DD
    HIRSHFELD, AT
    IEEE TRANSACTIONS ON NUCLEAR SCIENCE, 1964, NS11 (03) : 238 - +
  • [4] GENERATIVE AND ENCODED ANOMALY DETECTORS
    Emerson, Tegan H.
    Edelberg, Jason A.
    Doster, Timothy
    Merrill, Nicholas
    Olson, Colin C.
    2019 10TH WORKSHOP ON HYPERSPECTRAL IMAGING AND SIGNAL PROCESSING - EVOLUTION IN REMOTE SENSING (WHISPERS), 2019,
  • [5] A quest for better anomaly detectors
    Soleymani, Mehdi
    INTERNATIONAL JOURNAL OF DATA MINING MODELLING AND MANAGEMENT, 2020, 12 (04) : 447 - 458
  • [6] Enhancing anomaly detectors with LatentOut
    Angiulli, Fabrizio
    Fassetti, Fabio
    Ferragina, Luca
    JOURNAL OF INTELLIGENT INFORMATION SYSTEMS, 2024, 62 (04) : 905 - 923
  • [7] Efficient Nonlinear RX Anomaly Detectors
    Padron Hidalgo, Jose A.
    Perez-Suay, Adrian
    Nar, Fatih
    Camps-Valls, Gustau
    IEEE GEOSCIENCE AND REMOTE SENSING LETTERS, 2021, 18 (02) : 231 - 235
  • [8] A FAMILY OF KERNEL ANOMALY CHANGE DETECTORS
    Longbotham, Nathan
    Camps-Valls, Gustavo
    2014 6TH WORKSHOP ON HYPERSPECTRAL IMAGE AND SIGNAL PROCESSING: EVOLUTION IN REMOTE SENSING (WHISPERS), 2014,
  • [9] Comparison of Anomaly Detectors: Context Matters
    Skvara, Vit
    Francu, Jan
    Zorek, Matej
    Pevny, Tomas
    Smidl, Vaclav
    IEEE TRANSACTIONS ON NEURAL NETWORKS AND LEARNING SYSTEMS, 2022, 33 (06) : 2494 - 2507
  • [10] A method for testing distributed anomaly detectors
    Sugumar, Gayathri
    Mathur, Aditya
    INTERNATIONAL JOURNAL OF CRITICAL INFRASTRUCTURE PROTECTION, 2019, 27
12345