Local anomaly detection for mobile network monitoring
Information Sciences: an International Journal
| Hi-index | 0.00 |
In the field of intrusion detection research, it is oftensaid that anomaly detection has high false positive(FP) rate, though no sufficient analysis is presented sofar.To investigate this assertion, this paper analyzesnetwork traffic data using multivariate statistical analysismethod.Data set used for the analysis is 1998DARPA Intrusion Detection Evaluation Data.Theinformation type applied to detect intrusion has been chosen empirically or intuitively.Our result supportsthat such information type is correct, and moreover on-lineprocessing achieves lower FP rate with high attackdetection rate than batch processing in most cases.