2019
DOI: 10.3390/info10080262
|View full text |Cite
|
Sign up to set email alerts
|

Network Anomaly Detection by Using a Time-Decay Closed Frequent Pattern

Abstract: Anomaly detection of network traffic flows is a non-trivial problem in the field of network security due to the complexity of network traffic. However, most machine learning-based detection methods focus on network anomaly detection but ignore the user anomaly behavior detection. In real scenarios, the anomaly network behavior may harm the user interests. In this paper, we propose an anomaly detection model based on time-decay closed frequent patterns to address this problem. The model mines closed frequent pa… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2

Citation Types

0
2
0

Year Published

2020
2020
2023
2023

Publication Types

Select...
2
1

Relationship

0
3

Authors

Journals

citations
Cited by 3 publications
(2 citation statements)
references
References 28 publications
0
2
0
Order By: Relevance
“…When calculating the probability of an event occurring also the time is considered, and an alert is raised if an event is unlikely to have happened in a speci ic time. Zhao et al [15] exploited techniques to mine frequent patterns in network traf ic, and applied time-decay factors to differentiate between newer and older patterns. This strategy helps such IDSs to update its system baseline, making the IDS able to cope with the highly dynamic behavior of users.…”
Section: Statistics-based Idsmentioning
confidence: 99%
“…When calculating the probability of an event occurring also the time is considered, and an alert is raised if an event is unlikely to have happened in a speci ic time. Zhao et al [15] exploited techniques to mine frequent patterns in network traf ic, and applied time-decay factors to differentiate between newer and older patterns. This strategy helps such IDSs to update its system baseline, making the IDS able to cope with the highly dynamic behavior of users.…”
Section: Statistics-based Idsmentioning
confidence: 99%
“…They used the Auto-Regressive (AR) process to model the data, and then performed a sequential hypothesis testing to determine the presence of an anomaly. Zhao et al [23] exploited techniques to mine frequent patterns in network traffic, and applied time-decay factors to differentiate between newer and older patterns. This strategy helps AIDS to update its system baseline, making the IDS to cope with highly dynamical behavior of users.…”
Section: ) Statistics-based Aidsmentioning
confidence: 99%