TY - GEN
T1 - A comparative study of two network-based anomaly detection methods
AU - Nyalkalkar, Kaustubh
AU - Sinhay, Sushant
AU - Bailey, Michael
AU - Jahanian, Farnam
PY - 2011
Y1 - 2011
N2 - Modern networks are complex and hence, network operators often rely on automation to assist in assuring the security, availability, and performance of these networks. At the core of many of these systems are general-purpose anomaly-detection algorithms that seek to identify normal behavior and detect deviations. While the number and variations of these algorithms are large, two broad categories have emerged as leading approaches to this problem: those based on spatial correlation and those based on temporal analysis. In this paper, we compare one promising approach from each of these categories, namely entropy-based PCA and HHH-based wavelets.
AB - Modern networks are complex and hence, network operators often rely on automation to assist in assuring the security, availability, and performance of these networks. At the core of many of these systems are general-purpose anomaly-detection algorithms that seek to identify normal behavior and detect deviations. While the number and variations of these algorithms are large, two broad categories have emerged as leading approaches to this problem: those based on spatial correlation and those based on temporal analysis. In this paper, we compare one promising approach from each of these categories, namely entropy-based PCA and HHH-based wavelets.
UR - http://www.scopus.com/inward/record.url?scp=79960884056&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=79960884056&partnerID=8YFLogxK
U2 - 10.1109/INFCOM.2011.5934975
DO - 10.1109/INFCOM.2011.5934975
M3 - Conference contribution
AN - SCOPUS:79960884056
SN - 9781424499212
T3 - Proceedings - IEEE INFOCOM
SP - 176
EP - 180
BT - 2011 Proceedings IEEE INFOCOM
T2 - IEEE INFOCOM 2011
Y2 - 10 April 2011 through 15 April 2011
ER -