Unsupervised Anomaly Detection in Network Traffic by Means of Robust PCA

Authors:
Roland Kwitt;Ulrich Hofmann
Affiliations:
Salzburg Research, Austria;University of Applied Sciences, Austria
Venue:
ICCGI '07 Proceedings of the International Multi-Conference on Computing in the Global Information Technology
Year:
2007

Citing 0
Cited 3

Anomaly Detection Using Time Index Differences of Identical Symbols with and without Training Data

ADMA '09 Proceedings of the 5th International Conference on Advanced Data Mining and Applications
Predictive network anomaly detection and visualization

IEEE Transactions on Information Forensics and Security
Atypicity detection in data streams: A self-adjusting approach

Intelligent Data Analysis - Ubiquitous Knowledge Discovery

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper points out the need for unsupervised anomaly detection in the context of instrusion detection systems. Our work is based on an approach which employs principal component analysis (PCA) in order to detect anomalies in measuerments of certain network traffic parameters. We discuss the problem of contaminated training data and propose to use PCA on the basis of robust estimators to overcome the necessity of a supervised preprocessing step.