Title :
Forecasting-Based Sampling Decision for Accurate and Scalable Anomaly Detection
Author :
Hashim, Fazirulhisyam ; Jamalipour, Abbas
Author_Institution :
Univ. of Sydney, Sydney, NSW, Australia
Abstract :
This paper proposes the inclusion of two traffic forecasting frameworks in traffic sampling paradigm. The proposed frameworks: namely, the pattern forecasting and the attack forecasting, predicts the occurrence of traffic deviation and examines the existence of malicious attack in the traffic deviation, respectively. While the former utilizes the ARAR model to forecast the network traffic, the latter exploits the statistical likelihood function to determine whether any malicious attack is the origin of the traffic deviation. In addition, a dynamic weight assignment strategy is proposed to further improve the efficiency of the sampling strategy. Performance evaluation indicates that the inclusion of both forecasting frameworks and dynamic weight assignment in the sampling strategy can improve the accuracy and scalability of the anomaly detection.
Keywords :
signal sampling; telecommunication security; attack forecasting; dynamic weight assignment strategy; forecasting-based sampling decision; malicious attack; network traffic; pattern forecasting; performance evaluation; sampling strategy; scalability; scalable anomaly detection; statistical likelihood function; traffic deviation; traffic forecasting frameworks; traffic sampling paradigm; Australia Council; Condition monitoring; Feedback; Predictive models; Quality of service; Resource management; Sampling methods; Scalability; Telecommunication traffic; Traffic control;
Conference_Titel :
Global Telecommunications Conference, 2009. GLOBECOM 2009. IEEE
Conference_Location :
Honolulu, HI
Print_ISBN :
978-1-4244-4148-8
DOI :
10.1109/GLOCOM.2009.5426221
