2011
DOI: 10.1007/978-3-642-20757-0_4
|View full text |Cite
|
Sign up to set email alerts
|

UNADA: Unsupervised Network Anomaly Detection Using Sub-space Outliers Ranking

Abstract: Abstract. Current network monitoring systems rely strongly on signature-based and supervised-learning-based detection methods to hunt out network attacks and anomalies. Despite being opposite in nature, both approaches share a common downside: they require the knowledge provided by an expert system, either in terms of anomaly signatures, or as normal-operation profiles. In a diametrically opposite perspective we introduce UNADA, an Unsupervised Network Anomaly Detection Algorithm for knowledge-independent dete… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
49
0

Year Published

2013
2013
2020
2020

Publication Types

Select...
6
1
1

Relationship

3
5

Authors

Journals

citations
Cited by 40 publications
(49 citation statements)
references
References 14 publications
0
49
0
Order By: Relevance
“…The measurement approach followed in our work is currently being implemented within a more generic platform for automatic troubleshooting support. This platform is called mPlane: in the EU project mPlane 5 we are building a global Internet-scale measurement platform to better understand and diagnose performance degradation events in Internet-scale services such as YouTube, Facebook, Netflix, and others.…”
Section: Discussionmentioning
confidence: 99%
See 1 more Smart Citation
“…The measurement approach followed in our work is currently being implemented within a more generic platform for automatic troubleshooting support. This platform is called mPlane: in the EU project mPlane 5 we are building a global Internet-scale measurement platform to better understand and diagnose performance degradation events in Internet-scale services such as YouTube, Facebook, Netflix, and others.…”
Section: Discussionmentioning
confidence: 99%
“…We use a simple auto-calibration approach to define the required inputs used by DBSCAN, similar to [5]. …”
Section: E Unsupervised Analysis Through Clusteringmentioning
confidence: 99%
“…UNADA (Unsupervised Network Anomaly detection Algorithm) [5] falls within the unsupervised anomaly detection domain, a novel research area that has drawn quite a lot of interest in the research community, but that still represents a rather immature field. Most work on unsupervised network anomaly detection has been devoted to the IDS field, generally targeting the detection of network intrusions in the very well known KDD'99 dataset.…”
Section: Related Workmentioning
confidence: 99%
“…Commonly, the clustering approach is used with the similarity criteria such as distance-based, density-based, nearest-neighbor-based, etc. Casas, Mazel, and Owezarski (2011) proposed a network anomaly detection system using the unsupervised clustering approach by sub-space and density-based metrics to prevent the network attacks. The network attacks can be denial-ofservice, illegal access, probing, and spreading warms and viruses (Casas et al, 2011).…”
Section: Related Workmentioning
confidence: 99%
“…Casas, Mazel, and Owezarski (2011) proposed a network anomaly detection system using the unsupervised clustering approach by sub-space and density-based metrics to prevent the network attacks. The network attacks can be denial-ofservice, illegal access, probing, and spreading warms and viruses (Casas et al, 2011). In some cases, multiple-clustering techniques are combined for outlier detection using evidence accumulation (Fred & Jain, 2005).…”
Section: Related Workmentioning
confidence: 99%