Network anomaly detection: a survey and comparative analysis of stochastic and deterministic methods

Files
1309.4844v1.pdf (721.84 KB)
First author draft
Date
2013-12
Authors
Wang, J.
Rossell, D.
Cassandras, Christos G.
Paschalidis, Ioannis Ch.
Version
OA Version
Citation
J Wang, D Rossell, CG Cassandras, I Ch Paschalidis. 2013. "Network Anomaly Detection: A Survey and Comparative Analysis of Stochastic and Deterministic Methods." Proceedings of the 52nd IEEE Conference on Decision and Control, pp. 182 - 187.
Abstract
We present five methods to the problem of network anomaly detection. These methods cover most of the common techniques in the anomaly detection field, including Statistical Hypothesis Tests (SHT), Support Vector Machines (SVM) and clustering analysis. We evaluate all methods in a simulated network that consists of nominal data, three flow-level anomalies and one packet-level attack. Through analyzing the results, we point out the advantages and disadvantages of each method and conclude that combining the results of the individual methods can yield improved anomaly detection results.
Description
7 pages. 1 more figure than final CDC 2013 version
License
Attribution 4.0 International