Title :
Combining wavelet analysis and CUSUM algorithm for network anomaly detection
Author :
Callegari, Christian ; Giordano, Stefano ; Pagano, Michele ; Pepe, Teresa
Author_Institution :
Dept. of Inf. Eng., Univ. of Pisa, Pisa, Italy
Abstract :
In the last years CUSUM based algorithms have emerged as a good basis to develop efficient systems able to detect anomalies and attacks in the network traffic. Nevertheless, such techniques are still far from providing an ideal solution to the problem, mainly because of the huge number of false alarms that characterizes such approaches. For this reason in this paper we propose a novel detection method based on the combined use of the CUSUM algorithm and the wavelet analysis. The introduction of the wavelet analysis, as shown by the obtained results, allows us to strongly reduce the false alarm rate of the “classical” methods, still retaining excellent performance in the detection of network anomalies.
Keywords :
computer network security; control charts; statistical analysis; telecommunication traffic; wavelet transforms; CUSUM algorithm; false alarm; network anomaly detection; network traffic; wavelet analysis; Aggregates; Algorithm design and analysis; Change detection algorithms; IP networks; Market research; Time series analysis; Wavelet analysis;
Conference_Titel :
Communications (ICC), 2012 IEEE International Conference on
Conference_Location :
Ottawa, ON
Print_ISBN :
978-1-4577-2052-9
Electronic_ISBN :
1550-3607
DOI :
10.1109/ICC.2012.6363799
