• DocumentCode
    1756376
  • Title

    Network Anomaly Detection: Methods, Systems and Tools

  • Author

    Bhuyan, Monowar H. ; Bhattacharyya, Dhruba Kumar ; Kalita, Jugal Kumar

  • Author_Institution
    Dept. of Comput. Sci. & Eng., Tezpur Univ., Tezpur, India
  • Volume
    16
  • Issue
    1
  • fYear
    2014
  • fDate
    First Quarter 2014
  • Firstpage
    303
  • Lastpage
    336
  • Abstract
    Network anomaly detection is an important and dynamic research area. Many network intrusion detection methods and systems (NIDS) have been proposed in the literature. In this paper, we provide a structured and comprehensive overview of various facets of network anomaly detection so that a researcher can become quickly familiar with every aspect of network anomaly detection. We present attacks normally encountered by network intrusion detection systems. We categorize existing network anomaly detection methods and systems based on the underlying computational techniques used. Within this framework, we briefly describe and compare a large number of network anomaly detection methods and systems. In addition, we also discuss tools that can be used by network defenders and datasets that researchers in network anomaly detection can use. We also highlight research directions in network anomaly detection.
  • Keywords
    Internet; computer network security; network anomaly detection; network defenders; network intrusion detection methods; network intrusion detection systems; Computational modeling; Computer architecture; Computers; Intrusion detection; Monitoring; Sun; Anomaly detection; NIDS; attack; classifier; dataset; intrusion detection; tools
  • fLanguage
    English
  • Journal_Title
    Communications Surveys & Tutorials, IEEE
  • Publisher
    IEEE
  • ISSN
    1553-877X
  • Type

    jour

  • DOI
    10.1109/SURV.2013.052213.00046
  • Filename
    6524462