A comparative study of two network-based anomaly detection methods

Kaustubh Nyalkalkar, Sushant Sinhay, Michael Bailey, Farnam Jahanian

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Modern networks are complex and hence, network operators often rely on automation to assist in assuring the security, availability, and performance of these networks. At the core of many of these systems are general-purpose anomaly-detection algorithms that seek to identify normal behavior and detect deviations. While the number and variations of these algorithms are large, two broad categories have emerged as leading approaches to this problem: those based on spatial correlation and those based on temporal analysis. In this paper, we compare one promising approach from each of these categories, namely entropy-based PCA and HHH-based wavelets.

Original languageEnglish (US)
Title of host publication2011 Proceedings IEEE INFOCOM
Pages176-180
Number of pages5
DOIs
StatePublished - Aug 2 2011
Externally publishedYes
EventIEEE INFOCOM 2011 - Shanghai, China
Duration: Apr 10 2011Apr 15 2011

Publication series

NameProceedings - IEEE INFOCOM
ISSN (Print)0743-166X

Other

OtherIEEE INFOCOM 2011
CountryChina
CityShanghai
Period4/10/114/15/11

ASJC Scopus subject areas

  • Computer Science(all)
  • Electrical and Electronic Engineering

Fingerprint Dive into the research topics of 'A comparative study of two network-based anomaly detection methods'. Together they form a unique fingerprint.

  • Cite this

    Nyalkalkar, K., Sinhay, S., Bailey, M., & Jahanian, F. (2011). A comparative study of two network-based anomaly detection methods. In 2011 Proceedings IEEE INFOCOM (pp. 176-180). [5934975] (Proceedings - IEEE INFOCOM). https://doi.org/10.1109/INFCOM.2011.5934975