Behavioral Anomaly Detection System on Network Application Traffic from Many Sensors

Author

Nagata, Ayanori ; Kotera, Keito ; Nakamura, Kentaro ; Hori, Yoichi

Author_Institution

Network Applic. Eng. Labs. Ltd., Fukuoka, Japan

fYear

2014

fDate

21-25 July 2014

Firstpage

600

Lastpage

601

Abstract

For a computer network in the era of big data, we discuss a behavioral anomaly detection system which makes it possible to analyze and immediately detect anomaly traffic behavior. Many sensor devices connect to the network and tend to generate their application traffic at quite a low communication rate. In order to observe necessary traffic information for traffic analysis in a short time, the monitoring system integrates traffic statistics of flows sent from devices which are considered to generate the same application. It detects anomaly traffic behavior on the basis of application analysis using NMF(Non-Negative Matrix Factorization).

Keywords

Big Data; computer network security; matrix decomposition; telecommunication traffic; NMF; anomaly traffic behavior; application analysis; behavioral anomaly detection system; big data; communication rate; computer network; monitoring system; necessary traffic information; network application traffic; nonnegative matrix factorization; sensor devices; traffic analysis; traffic statistics; Big data; IP networks; Monitoring; Prototypes; Sensors; Servers; Vectors; Anomaly detection; NMF (Non-Negative Matrix Factorization); Sensor devices; Traffic analsysis; Traffic monitoring;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Software and Applications Conference (COMPSAC), 2014 IEEE 38th Annual

Conference_Location

Vasteras

Type

conf

DOI

10.1109/COMPSAC.2014.85

Filename

6899268