Anomaly detection in IP networks

Authors:
M. Thottan;Chuanyi Ji
Affiliations:
Dept. of Networking Software Res., Bell Labs., Holmdel, NJ, USA;-
Venue:
IEEE Transactions on Signal Processing
Year:
2003

Citing 0
Cited 44

Eigenspace-based anomaly detection in computer systems

Proceedings of the tenth ACM SIGKDD international conference on Knowledge discovery and data mining
Change-Point Monitoring for the Detection of DoS Attacks

IEEE Transactions on Dependable and Secure Computing
Network-Based Problem Detection for Distributed Systems

ICDE '05 Proceedings of the 21st International Conference on Data Engineering
Mining anomalies using traffic feature distributions

Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Detection and identification of network anomalies using sketch subspaces

Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Is sampled data sufficient for anomaly detection?

Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Agent-based simulation study of behavioral anticipation: anticipatory fault management in computer networks

Proceedings of the 44th annual Southeast regional conference
Diagnosis of capacity bottlenecks via passive monitoring in 3G networks: An empirical analysis

Computer Networks: The International Journal of Computer and Telecommunications Networking
Detecting anomalies in network traffic using maximum entropy estimation

IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
K-Means+ID3: A Novel Method for Supervised Anomaly Detection by Cascading K-Means Clustering and ID3 Decision Tree Learning Methods

IEEE Transactions on Knowledge and Data Engineering
Anomaly Detection Aiming Pro-Active Management of Computer Network Based on Digital Signature of Network Segment

Journal of Network and Systems Management
Approximate autoregressive modeling for network attack detection

Journal of Computer Security - Privacy, Security and Trust (PST) Technologies: Evolution and Challenges
Multiagent Approach to Network Traffic Anomalies Uncertainty Level Assessment in Distributed Intrusion Detection System

KES-AMSTA '07 Proceedings of the 1st KES International Symposium on Agent and Multi-Agent Systems: Technologies and Applications
Anomaly Detection of Hostile Traffic Based on Network Traffic Distributions

Information Networking. Towards Ubiquitous Networking and Services
Approximate autoregressive modeling for network attack detection

Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Detecting network intrusions using signal processing with query-based sampling filter

EURASIP Journal on Advances in Signal Processing - Special issue on signal processing applications in network intrusion detection systems
Anomaly detection: A survey

ACM Computing Surveys (CSUR)
An agent based system for activity monitoring on network - ABSAMN

Expert Systems with Applications: An International Journal
Asymmetric Feature Selection for BGP Abnormal Events Detection

ADMA '09 Proceedings of the 5th International Conference on Advanced Data Mining and Applications
Active and Semi-supervised Data Domain Description

ECML PKDD '09 Proceedings of the European Conference on Machine Learning and Knowledge Discovery in Databases: Part I
A cascade architecture for DoS attacks detection based on the wavelet transform

Journal of Computer Security
Characterising Anomalous Events Using Change - Point Correlation on Unsolicited Network Traffic

NordSec '09 Proceedings of the 14th Nordic Conference on Secure IT Systems: Identity and Privacy in the Internet Age
Three levels network analysis for anomaly detection

SoftCOM'09 Proceedings of the 17th international conference on Software, Telecommunications and Computer Networks
Parameterized anomaly detection system with automatic configuration

GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Baseline traffic modeling for anomalous traffic detection on network transit points

APNOMS'09 Proceedings of the 12th Asia-Pacific network operations and management conference on Management enabling the future internet for changing business and new computing services
Emulation platform for network wide traffic sampling and monitoring

Proceedings of the 6th International Wireless Communications and Mobile Computing Conference
Predictive network anomaly detection and visualization

IEEE Transactions on Information Forensics and Security
A novel unsupervised classification approach for network anomaly detection by k-Means clustering and ID3 decision tree learning methods

The Journal of Supercomputing
Temporally oblivious anomaly detection on large networks using functional peers

IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Anomaly detection using self-organizing map and wavelets in wireless sensor networks

ACS'10 Proceedings of the 10th WSEAS international conference on Applied computer science
Anomaly detection in wireless sensor networks using self-organizing map and wavelets

ACS'10 Proceedings of the 10th WSEAS international conference on Applied computer science
Dynamic feature analysis and measurement for large-scale network traffic monitoring

IEEE Transactions on Information Forensics and Security
NADO: network anomaly detection using outlier approach

Proceedings of the 2011 International Conference on Communication, Computing & Security
Parametric methods for anomaly detection in aggregate traffic

IEEE/ACM Transactions on Networking (TON)
An empirical study on applying anomaly detection technique to detecting software and communication failures in mobile data communication services

ICTSS'11 Proceedings of the 23rd IFIP WG 6.1 international conference on Testing software and systems
Detecting anomalous network traffic with combined fuzzy-based approaches

ICIC'05 Proceedings of the 2005 international conference on Advances in Intelligent Computing - Volume Part II
Estimation of data traffic flows from aggregate measurements

Mathematical and Computer Modelling: An International Journal
Inference of network anomaly propagation using spatio-temporal correlation

Journal of Network and Computer Applications
A-GHSOM: An adaptive growing hierarchical self organizing map for network anomaly detection

Journal of Parallel and Distributed Computing
On-line bayesian context change detection in web service systems

Proceedings of the 2013 international workshop on Hot topics in cloud services
Evaluation on multivariate correlation analysis based denial-of-service attack detection system

Proceedings of the First International Conference on Security of Internet of Things
A methodological overview on anomaly detection

DataTraffic Monitoring and Analysis
Anomaly detection in large-scale data stream networks

Data Mining and Knowledge Discovery
Review: A review of novelty detection

Signal Processing

Quantified Score

Hi-index	35.69

Visualization

Abstract

Network anomaly detection is a vibrant research area. Researchers have approached this problem using various techniques such as artificial intelligence, machine learning, and state machine modeling. In this paper, we first review these anomaly detection methods and then describe in detail a statistical signal processing technique based on abrupt change detection. We show that this signal processing technique is effective at detecting several network anomalies. Case studies from real network data that demonstrate the power of the signal processing approach to network anomaly detection are presented. The application of signal processing techniques to this area is still in its infancy, and we believe that it has great potential to enhance the field, and thereby improve the reliability of IP networks.