  • DocumentCode
    3521424
  • Title
    Network anomaly detection: A survey and comparative analysis of stochastic and deterministic methods
  • Author
    Jing Wang ; Rossell, Daniel ; Cassandras, Christos ; Paschalidis, Ioannis C.
  • Author_Institution
    Div. of Syst. Eng., Boston Univ., Boston, MA, USA
  • fYear
    2013
  • fDate
    10-13 Dec. 2013
  • Firstpage
    182
  • Lastpage
    187
  • Abstract
    We present five methods to the problem of network anomaly detection. These methods cover most of the common techniques in the anomaly detection field, including Statistical Hypothesis Tests (SHT), Support Vector Machines (SVM) and clustering analysis. We evaluate all methods in a simulated network that consists of nominal data, three flow-level anomalies and one packet-level attack. Through analyzing the results, we point out the advantages and disadvantages of each method and conclude that combining the results of the individual methods can yield improved anomaly detection results.
  • Keywords
    security of data; stochastic processes; support vector machines; SHT; SVM; anomaly detection field; clustering analysis; comparative analysis; deterministic methods; flow-level anomalies; network anomaly detection; nominal data; packet-level attack; simulated network; statistical hypothesis tests; stochastic methods; support vector machines; survey analysis; Clustering algorithms; Detectors; IP networks; Servers; Stochastic processes; Subspace constraints; Support vector machines;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Decision and Control (CDC), 2013 IEEE 52nd Annual Conference on
  • Conference_Location
    Firenze
  • ISSN
    0743-1546
  • Print_ISBN
    978-1-4673-5714-2
  • Type
    conf
  • DOI
    10.1109/CDC.2013.6759879
  • Filename
    6759879