• DocumentCode
    2365197
  • Title

    Combining wavelet analysis and CUSUM algorithm for network anomaly detection

  • Author

    Callegari, Christian ; Giordano, Stefano ; Pagano, Michele ; Pepe, Teresa

  • Author_Institution
    Dept. of Inf. Eng., Univ. of Pisa, Pisa, Italy
  • fYear
    2012
  • fDate
    10-15 June 2012
  • Firstpage
    1091
  • Lastpage
    1095
  • Abstract
    In the last years CUSUM based algorithms have emerged as a good basis to develop efficient systems able to detect anomalies and attacks in the network traffic. Nevertheless, such techniques are still far from providing an ideal solution to the problem, mainly because of the huge number of false alarms that characterizes such approaches. For this reason in this paper we propose a novel detection method based on the combined use of the CUSUM algorithm and the wavelet analysis. The introduction of the wavelet analysis, as shown by the obtained results, allows us to strongly reduce the false alarm rate of the “classical” methods, still retaining excellent performance in the detection of network anomalies.
  • Keywords
    computer network security; control charts; statistical analysis; telecommunication traffic; wavelet transforms; CUSUM algorithm; false alarm; network anomaly detection; network traffic; wavelet analysis; Aggregates; Algorithm design and analysis; Change detection algorithms; IP networks; Market research; Time series analysis; Wavelet analysis;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Communications (ICC), 2012 IEEE International Conference on
  • Conference_Location
    Ottawa, ON
  • ISSN
    1550-3607
  • Print_ISBN
    978-1-4577-2052-9
  • Electronic_ISBN
    1550-3607
  • Type

    conf

  • DOI
    10.1109/ICC.2012.6363799
  • Filename
    6363799
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2365197