2010 IEEE Globecom Workshops 2010
DOI: 10.1109/glocomw.2010.5700309
|View full text |Cite
|
Sign up to set email alerts
|

Network traffic anomaly detection based on catastrophe theory

Abstract: Although various methods have been proposed to detect anomalies, they are mostly based on the traditional statistical physics. The traditional statistical physics methods are based on the stationary hypothesis of the network traffic, which always ignore the real catastrophe process when anomalies occur. In order to reflect the catastrophe process of the abnormal network traffic, we present a non-stationary network traffic anomaly detection approach based on catastrophe theory. The cusp catastrophe model is sel… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2

Citation Types

0
2
0

Year Published

2012
2012
2023
2023

Publication Types

Select...
2
1
1

Relationship

0
4

Authors

Journals

citations
Cited by 4 publications
(2 citation statements)
references
References 18 publications
0
2
0
Order By: Relevance
“…Xiong et al proposed two anomaly detection models based on catastrophe theory in network traffic [21,22]. After that, in 2014 they proposed an intrusion detection system to detect network traffic anomaly based on synergetic neural networks and the catastrophe theory to reduce security risks in the cloud network.…”
Section: Related Workmentioning
confidence: 99%
“…Xiong et al proposed two anomaly detection models based on catastrophe theory in network traffic [21,22]. After that, in 2014 they proposed an intrusion detection system to detect network traffic anomaly based on synergetic neural networks and the catastrophe theory to reduce security risks in the cloud network.…”
Section: Related Workmentioning
confidence: 99%
“…This data set is publicly available and was prepared by MIT Lincoln Lab. We are conscious of imperfection of DARPA dataset especially on the maturity over 15 years, but these are the most comprehensive and extensive used dataset in this field where we can easily make comparison with other researchers [18], [19], [20], [21], [22], and [23] since it has been accepted as standard benchmark for their IDS model. Lincoln Lab has provided 5 weeks of data that consist of 3 weeks of training data and 2 weeks of testing data in various formats such as tcpdump, NT audit data, and BSM solaris host audit data.…”
Section: Related Workmentioning
confidence: 99%