Applying PCA for Traffic Anomaly Detection: Problems and Solutions

Brauckhoff, Daniela; Salamatian, Kavé; May, Martin

doi:10.1109/infcom.2009.5062248

Cited by 150 publications

(111 citation statements)

References 8 publications

Supporting

Mentioning

109

Contrasting

Unclassified

Order By: Relevance

“…According to Brauckhoff et al [123], a realistic simulation of legitimate traffic is largely an unsolved problem today and one of the solution is combining generated anomalies with real, legitimate traffic traces. In [123] and then in [124], Brauckhoff et al introduced the FLAME tool for injection of hand-crafted anomalies into a given background traffic trace. This tool is freely available but the current distribution does not include any models reflecting anomalies.…”

Section: Origin Of the Ideamentioning

confidence: 99%

An Entropy-Based Network Anomaly Detection Method

Bereziński

Jasiul

Szpyrka

2015

Entropy

161

View full text Add to dashboard Cite

Data mining is an interdisciplinary subfield of computer science involving methods at the intersection of artificial intelligence, machine learning and statistics. One of the data mining tasks is anomaly detection which is the analysis of large quantities of data to identify items, events or observations which do not conform to an expected pattern. Anomaly detection is applicable in a variety of domains, e.g., fraud detection, fault detection, system health monitoring but this article focuses on application of anomaly detection in the field of network intrusion detection.The main goal of the article is to prove that an entropy-based approach is suitable to detect modern botnet-like malware based on anomalous patterns in network. This aim is achieved by realization of the following points: (i) preparation of a concept of original entropy-based network anomaly detection method, (ii) implementation of the method, (iii) preparation of original dataset, (iv) evaluation of the method.

show abstract

Section: Origin Of the Ideamentioning

confidence: 99%

An Entropy-Based Network Anomaly Detection Method

Bereziński

Jasiul

Szpyrka

2015

Entropy

161

View full text Add to dashboard Cite

show abstract

“…However, there have been a number of efforts on detecting only outliers from spatially and temporally distributed data. For example, principle component analysis (PCA) has been used for network-wide anomaly detection [13,26,20,1]. However, PCA results (as we will show) cannot capture volume heterogeneity and are also very sensitive to parameter settings which are highly data dependent.…”

Section: Related Workmentioning

confidence: 91%

Discovering spatio-temporal causal interactions in traffic data streams

Liu

Zheng

Chawla

et al. 2011

Proceedings of the 17th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining

302

184

View full text Add to dashboard Cite

The detection of outliers in spatio-temporal traffic data is an important research problem in the data mining and knowledge discovery community. However to the best of our knowledge, the discovery of relationships, especially causal interactions, among detected traffic outliers has not been investigated before. In this paper we propose algorithms which construct outlier causality trees based on temporal and spatial properties of detected outliers. Frequent substructures of these causality trees reveal not only recurring interactions among spatio-temporal outliers, but potential flaws in the design of existing traffic networks. The effectiveness and strength of our algorithms are validated by experiments on a very large volume of real taxi trajectories in an urban road network.

show abstract

“…Then, Asrul [12] introduced ARMIA model for predicting traffic and detect anomaly. Brauckhoff [13] employed PCA analysis for traffic anomaly detection.…”

Section: Related Workmentioning

confidence: 99%