Principles of a computer immune system
NSPW '97 Proceedings of the 1997 workshop on New security paradigms
Authoritative sources in a hyperlinked environment
Journal of the ACM (JACM)
ACM Transactions on Computer Systems (TOCS)
The Architecture of NG-MON: A Passive Network Monitoring System for High-Speed IP Networks
DSOM '02 Proceedings of the 13th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management: Management Technologies for E-Commerce and E-Business Applications
Two Dimensional Time-Series for Anomaly Detection and Regulation in Adaptive Systems
DSOM '02 Proceedings of the 13th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management: Management Technologies for E-Commerce and E-Business Applications
Distributed Fault Localization in Hierarchically Routed Networks
DSOM '02 Proceedings of the 13th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management: Management Technologies for E-Commerce and E-Business Applications
Implementing a Generalized Tool for Network Monitoring
LISA '97 Proceedings of the 11th Conference on Systems Administration
LISA '98 Proceedings of the 12th Conference on Systems Administration
Bootstrapping a data mining intrusion detection system
Proceedings of the 2003 ACM symposium on Applied computing
Pattern Classification (2nd Edition)
Pattern Classification (2nd Edition)
Unsupervised learning techniques for an intrusion detection system
Proceedings of the 2004 ACM symposium on Applied computing
Analytical Network and System Administration: Managing Human-Computer Networks
Analytical Network and System Administration: Managing Human-Computer Networks
Probabilistic anomaly detection in distributed computer networks
Science of Computer Programming
Automated response using system-call delays
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Probabilistic anomaly detection in distributed computer networks
Science of Computer Programming
IAT '06 Proceedings of the IEEE/WIC/ACM international conference on Intelligent Agent Technology
Self-configurable fault monitoring in ad-hoc networks
Ad Hoc Networks
Mesh-Mon: A multi-radio mesh monitoring and management system
Computer Communications
Improving Anomaly Detection Event Analysis Using the EventRank Algorithm
AIMS '07 Proceedings of the 1st international conference on Autonomous Infrastructure, Management and Security: Inter-Domain Management
Fault detection in autonomic networks using the concept of promised cooperation
DSOM'07 Proceedings of the Distributed systems: operations and management 18th IFIP/IEEE international conference on Managing virtualization of networks and services
A policy-based sensor selection system with goal oriented singular value decomposition technique
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
| Hi-index | 0.00 |
Correlations between locally averaged host observations, at different times and places, hint at information about the associations between the hosts in a network. These smoothed, pseudo-continuous time-series imply relationships with entities in the wider environment. For anomaly detection, mining this information might provide a valuable source of observational experience for determining comparative anomalies or rejecting false anomalies. The difficulties with distributed analysis lie in collating the distributed data and in comparing observables on different hosts, in different frames of reference. In the present work, we examine two methods (Principle Component Analysis and Eigenvector Centrality) that shed light on the usefulness of comparing data destined for different locations in a network.