Network Traffic Anomaly Detection
Hong Huang, Hussein Al-Azzawi, and Hajar Brani
TL;DR
This paper reviews non-signature-based network anomaly detection methods, including PCA, sketch, and signal analysis, and introduces a unified framework and extraction scheme to enhance network security.
Contribution
It provides a comprehensive tutorial on three major non-signature-based detection approaches and proposes a unifying framework and anomaly extraction scheme.
Findings
Presented three major non-signature detection approaches
Introduced a unifying detection framework
Proposed an anomaly extraction scheme
Abstract
This paper presents a tutorial for network anomaly detection, focusing on non-signature-based approaches. Network traffic anomalies are unusual and significant changes in the traffic of a network. Networks play an important role in today's social and economic infrastructures. The security of the network becomes crucial, and network traffic anomaly detection constitutes an important part of network security. In this paper, we present three major approaches to non-signature-based network detection: PCA-based, sketch-based, and signal-analysis-based. In addition, we introduce a framework that subsumes the three approaches and a scheme for network anomaly extraction. We believe network anomaly detection will become more important in the future because of the increasing importance of network security.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsNetwork Security and Intrusion Detection · Anomaly Detection Techniques and Applications · Internet Traffic Analysis and Secure E-voting