Matrix computations (3rd ed.)
Event detection from time series data
KDD '99 Proceedings of the fifth ACM SIGKDD international conference on Knowledge discovery and data mining
A unifying framework for detecting outliers and change points from non-stationary time series data
Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining
Eigenspace-based anomaly detection in computer systems
Proceedings of the tenth ACM SIGKDD international conference on Knowledge discovery and data mining
Dynamic syslog mining for network failure monitoring
Proceedings of the eleventh ACM SIGKDD international conference on Knowledge discovery in data mining
Neighborhood Formation and Anomaly Detection in Bipartite Graphs
ICDM '05 Proceedings of the Fifth IEEE International Conference on Data Mining
Local Correlation Tracking in Time Series
ICDM '06 Proceedings of the Sixth International Conference on Data Mining
Finding the most unusual time series subsequence: algorithms and applications
Knowledge and Information Systems
Computing Correlation Anomaly Scores Using Stochastic Nearest Neighbors
ICDM '07 Proceedings of the 2007 Seventh IEEE International Conference on Data Mining
Metric forensics: a multi-level approach for mining volatile graphs
Proceedings of the 16th ACM SIGKDD international conference on Knowledge discovery and data mining
Anomaly localization for network data streams with graph joint sparse PCA
Proceedings of the 17th ACM SIGKDD international conference on Knowledge discovery and data mining
Discovering spatio-temporal causal interactions in traffic data streams
Proceedings of the 17th ACM SIGKDD international conference on Knowledge discovery and data mining
APWeb'12 Proceedings of the 14th Asia-Pacific international conference on Web Technologies and Applications
RainMon: an integrated approach to mining bursty timeseries monitoring data
Proceedings of the 18th ACM SIGKDD international conference on Knowledge discovery and data mining
Hi-index | 0.00 |
This paper addresses the issue of unsupervised network anomaly detection. In recent years, networks have played more and more critical roles. Since their outages cause serious economic losses, it is quite significant to monitor their changes over time and to detect anomalies as early as possible. In this paper, we specifically focus on the management of the whole network. In it, it is important to detect anomalies which make great impact on the whole network, and the other local anomalies should be ignored. Further, when we detect the former anomalies, it is required to localize nodes responsible for them. It is challenging to simultaneously perform the above two tasks taking into account the nonstationarity and strong correlations between nodes. We propose a network anomaly detection method which resolves the above two tasks in a unified way. The key ideas of the method are: (1)construction of quantities representing feature of a whole network and each node from the same input based on eigen equation compression, and (2)incremental anomalousness scoring based on learning the probability distribution of the quantities. We demonstrate through the experimental results using two benchmark data sets and a simulation data set that anomalies of a whole network and nodes responsible for them can be detected by the proposed method.