Use of the Hough transformation to detect lines and curves in pictures
Communications of the ACM
Mining anomalies using traffic feature distributions
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Sensitivity of PCA for traffic anomaly detection
Proceedings of the 2007 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Traffic data repository at the WIDE project
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
Challenging the supremacy of traffic matrices in anomaly detection
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Proceedings of the 2007 workshop on Large scale attack defense
Internet traffic behavior profiling for network security monitoring
IEEE/ACM Transactions on Networking (TON)
Anomaly extraction in backbone networks using association rules
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
An automatic and dynamic parameter tuning of a statistic-based anomaly detection algorithm
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
A Hough-transform-based anomaly detector with an adaptive time interval
ACM SIGAPP Applied Computing Review
A self-tuning self-optimizing approach for automated network anomaly detection systems
Proceedings of the 9th international conference on Autonomic computing
Improving an SVD-based combination strategy of anomaly detectors for traffic labelling
Proceedings of the Asian Internet Engineeering Conference
Hi-index | 0.00 |
Internet traffic anomalies are a serious problem that compromise the availability of optimal network resources. Numerous anomaly detectors have recently been proposed, but maintaining their parameters optimally tuned is a difficult task that discredits their effectiveness for daily usage. This article proposes a new anomaly detection method based on pattern recognition and investigates the relationship between its parameter set and the traffic characteristics. This analysis highlights that constantly achieving a high detection rate requires continuous adjustments to the parameters according to the traffic fluctuations. Therefore, an adaptive time interval mechanism is proposed to enhance the robustness of the detection method to traffic variations. This adaptive anomaly detection method is evaluated by comparing it to three other anomaly detectors using four years of real backbone traffic. The evaluation reveals that the proposed adaptive detection method outperforms the other methods in terms of the true positive and false positive rate.