# Degree-based Outlier Detection within IP Traffic Modelled as a Link   Stream

**Authors:** Audrey Wilmet, Tiphaine Viard, Matthieu Latapy, Robin Lamarche-Perrin

arXiv: 1906.02524 · 2019-06-07

## TL;DR

This paper introduces a degree-based outlier detection method within IP traffic modeled as a link stream, effectively identifying anomalies by analyzing temporal and structural features of IP addresses.

## Contribution

It presents a novel approach for detecting IP traffic anomalies using degree analysis within a link stream framework, handling heterogeneous distributions.

## Key findings

- Successfully detects relevant network anomalies in MAWI traffic captures.
- Effectively identifies causes of anomalous behaviors.
- Demonstrates robustness in heterogeneous IP profile scenarios.

## Abstract

This paper aims at precisely detecting and identifying anomalous events in IP traffic. To this end, we adopt the link stream formalism which properly captures temporal and structural features of the data. Within this framework, we focus on finding anomalous behaviours with respect to the degree of IP addresses over time. Due to diversity in IP profiles, this feature is typically distributed heterogeneously, preventing us to directly find anomalies. To deal with this challenge, we design a method to detect outliers as well as precisely identify their cause in a sequence of similar heterogeneous distributions. We apply it to several MAWI captures of IP traffic and we show that it succeeds in detecting relevant patterns in terms of anomalous network activity.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1906.02524/full.md

## Figures

99 figures with captions in the complete paper: https://tomesphere.com/paper/1906.02524/full.md

## References

51 references — full list in the complete paper: https://tomesphere.com/paper/1906.02524/full.md

---
Source: https://tomesphere.com/paper/1906.02524