2009 NetworkAnomalyDetectionbasedonE

• (Hirose et al., 2009) ⇒ Shunsuke Hirose, Kenji Yamanishi, Takayuki Nakata, and Ryohei Fujimaki. (2009). “Network Anomaly Detection based on Eigen Equation Compression.” In: Proceedings of the 15th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD-2009). doi:10.1145/1557019.1557147

Subject Headings:

Notes

Cited By

• http://scholar.google.com/scholar?q=%22Network+anomaly+detection+based+on+Eigen+equation+compression%22+2009
• http://portal.acm.org/citation.cfm?doid=1557019.1557147&preflayout=flat#citedby

Quotes

Author Keywords

Abstract

This paper addresses the issue of unsupervised network anomaly detection. In recent years, networks have played more and more critical roles. Since their outages cause serious economic losses, it is quite significant to monitor their changes over time and to detect anomalies as early as possible. In this paper, we specifically focus on the management of the whole network. In it, it is important to detect anomalies which make great impact on the whole network, and the other local anomalies should be ignored. Further, when we detect the former anomalies, it is required to localize nodes responsible for them. It is challenging to simultaneously perform the above two tasks taking into account the nonstationarity and strong correlations between nodes.
We propose a network anomaly detection method which resolves the above two tasks in a unified way. The key ideas of the method are : (1)construction of quantities representing feature of a whole network and each node from the same input based on eigen equation compression, and (2) incremental anomalousness scoring based on learning the probability distribution of the quantities.
We demonstrate through the experimental results using two benchmark data sets and a simulation data set that anomalies of a whole network and nodes responsible for them can be detected by the proposed method.

References

,