Title :
Link-Based Anomaly Detection in Communication Networks
Author :
Wan, Xiaomeng ; Milios, Evangelos ; Kalyaniwalla, Nauzer ; Janssen, Jeannette
Author_Institution :
Fac. of Comput. Sci., Dalhousie Univ., Halifax, NS
Abstract :
Communication networks, such as networks formed by phone calls and email communications, can be modeled as dynamic graphs with vertices representing agents and edges representing communications. Anomaly detection is to identify abnormal behaviour occurring in these networks. This is crucial for anti-terrorism, resource allocation and network management. The contents of the communications are often unavailable or protected by regulations or encryption, which makes linkage information the only type of data we can rely on in order to identify anomalies. In this paper, we propose a link-based anomaly detection method that considers deviations from individual patterns by taking into account the behaviour pattern of the cluster to which the individual belongs. Clusters can be formed by a standard clustering procedure or based on a specific attribute depending on the dataset. Experiments show that this method performs well on both network traffic and email communication data.
Keywords :
computer network management; telecommunication security; telecommunication traffic; abnormal behaviour; antiterrorism; communication networks; dynamic graphs; email communications; link-based anomaly detection; network management; network traffic; phone calls; resource allocation; standard clustering; Communication networks; Computer science; Couplings; Cryptography; Electronic mail; Intelligent agent; Intelligent networks; Protection; Resource management; Telecommunication traffic; anomaly detection; communication network;
Conference_Titel :
Web Intelligence and Intelligent Agent Technology, 2008. WI-IAT '08. IEEE/WIC/ACM International Conference on
Conference_Location :
Sydney, NSW
Print_ISBN :
978-0-7695-3496-1
DOI :
10.1109/WIIAT.2008.91
