Eigenspace-based anomaly detection in computer systems
Proceedings of the tenth ACM SIGKDD international conference on Knowledge discovery and data mining
Change-Point Monitoring for the Detection of DoS Attacks
IEEE Transactions on Dependable and Secure Computing
Network-Based Problem Detection for Distributed Systems
ICDE '05 Proceedings of the 21st International Conference on Data Engineering
Mining anomalies using traffic feature distributions
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Detection and identification of network anomalies using sketch subspaces
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Is sampled data sufficient for anomaly detection?
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Proceedings of the 44th annual Southeast regional conference
Diagnosis of capacity bottlenecks via passive monitoring in 3G networks: An empirical analysis
Computer Networks: The International Journal of Computer and Telecommunications Networking
Detecting anomalies in network traffic using maximum entropy estimation
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
IEEE Transactions on Knowledge and Data Engineering
Journal of Network and Systems Management
Approximate autoregressive modeling for network attack detection
Journal of Computer Security - Privacy, Security and Trust (PST) Technologies: Evolution and Challenges
KES-AMSTA '07 Proceedings of the 1st KES International Symposium on Agent and Multi-Agent Systems: Technologies and Applications
Anomaly Detection of Hostile Traffic Based on Network Traffic Distributions
Information Networking. Towards Ubiquitous Networking and Services
Approximate autoregressive modeling for network attack detection
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Detecting network intrusions using signal processing with query-based sampling filter
EURASIP Journal on Advances in Signal Processing - Special issue on signal processing applications in network intrusion detection systems
ACM Computing Surveys (CSUR)
An agent based system for activity monitoring on network - ABSAMN
Expert Systems with Applications: An International Journal
Asymmetric Feature Selection for BGP Abnormal Events Detection
ADMA '09 Proceedings of the 5th International Conference on Advanced Data Mining and Applications
Active and Semi-supervised Data Domain Description
ECML PKDD '09 Proceedings of the European Conference on Machine Learning and Knowledge Discovery in Databases: Part I
A cascade architecture for DoS attacks detection based on the wavelet transform
Journal of Computer Security
Characterising Anomalous Events Using Change - Point Correlation on Unsolicited Network Traffic
NordSec '09 Proceedings of the 14th Nordic Conference on Secure IT Systems: Identity and Privacy in the Internet Age
Three levels network analysis for anomaly detection
SoftCOM'09 Proceedings of the 17th international conference on Software, Telecommunications and Computer Networks
Parameterized anomaly detection system with automatic configuration
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Baseline traffic modeling for anomalous traffic detection on network transit points
APNOMS'09 Proceedings of the 12th Asia-Pacific network operations and management conference on Management enabling the future internet for changing business and new computing services
Emulation platform for network wide traffic sampling and monitoring
Proceedings of the 6th International Wireless Communications and Mobile Computing Conference
Predictive network anomaly detection and visualization
IEEE Transactions on Information Forensics and Security
Temporally oblivious anomaly detection on large networks using functional peers
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Anomaly detection using self-organizing map and wavelets in wireless sensor networks
ACS'10 Proceedings of the 10th WSEAS international conference on Applied computer science
Anomaly detection in wireless sensor networks using self-organizing map and wavelets
ACS'10 Proceedings of the 10th WSEAS international conference on Applied computer science
Dynamic feature analysis and measurement for large-scale network traffic monitoring
IEEE Transactions on Information Forensics and Security
NADO: network anomaly detection using outlier approach
Proceedings of the 2011 International Conference on Communication, Computing & Security
Parametric methods for anomaly detection in aggregate traffic
IEEE/ACM Transactions on Networking (TON)
ICTSS'11 Proceedings of the 23rd IFIP WG 6.1 international conference on Testing software and systems
Detecting anomalous network traffic with combined fuzzy-based approaches
ICIC'05 Proceedings of the 2005 international conference on Advances in Intelligent Computing - Volume Part II
Estimation of data traffic flows from aggregate measurements
Mathematical and Computer Modelling: An International Journal
Inference of network anomaly propagation using spatio-temporal correlation
Journal of Network and Computer Applications
A-GHSOM: An adaptive growing hierarchical self organizing map for network anomaly detection
Journal of Parallel and Distributed Computing
On-line bayesian context change detection in web service systems
Proceedings of the 2013 international workshop on Hot topics in cloud services
Evaluation on multivariate correlation analysis based denial-of-service attack detection system
Proceedings of the First International Conference on Security of Internet of Things
A methodological overview on anomaly detection
DataTraffic Monitoring and Analysis
Anomaly detection in large-scale data stream networks
Data Mining and Knowledge Discovery
Review: A review of novelty detection
Signal Processing
Hi-index | 35.69 |
Network anomaly detection is a vibrant research area. Researchers have approached this problem using various techniques such as artificial intelligence, machine learning, and state machine modeling. In this paper, we first review these anomaly detection methods and then describe in detail a statistical signal processing technique based on abrupt change detection. We show that this signal processing technique is effective at detecting several network anomalies. Case studies from real network data that demonstrate the power of the signal processing approach to network anomaly detection are presented. The application of signal processing techniques to this area is still in its infancy, and we believe that it has great potential to enhance the field, and thereby improve the reliability of IP networks.