Title :
A Divergence-measure Based Classification Method for Detecting Anomalies in Network Traffic
Author :
Balagani, Kiran S. ; Phoha, Vir V. ; Kuchimanchi, Gopi K.
Author_Institution :
Louisiana Tech Univ., Ruston
Abstract :
We present ´D-CAD,´ a novel divergence-measure based classification method for anomaly detection in network traffic. The D-CAD method identifies anomalies by performing classification on features drawn from software sensors that monitor network traffic. We compare the performance of the D-CAD method with two classifier based anomaly detection methods implemented using supervised Bayesian estimation and supervised maximum-likelihood estimation. Results show that the area under receiver operating characteristic curve (AUC) of the D-CAD method is as high as 0.9524, compared to an AUC value of 0.9102 of the supervised maximum-likelihood estimation based anomaly detection method and to an AUC value of 0.8887 of the supervised Bayesian estimation based anomaly detection method.
Keywords :
Bayes methods; computer network reliability; maximum likelihood estimation; telecommunication traffic; anomaly detection; divergence-measure based classification method; network traffic; software sensors; supervised Bayesian estimation; supervised maximum-likelihood estimation; Bayesian methods; Communication system traffic control; Computer networks; Computer science; Fault detection; Maximum likelihood estimation; Monitoring; Sensor phenomena and characterization; Telecommunication traffic; Testing;
Conference_Titel :
Networking, Sensing and Control, 2007 IEEE International Conference on
Conference_Location :
London
Print_ISBN :
1-4244-1076-2
Electronic_ISBN :
1-4244-1076-2
DOI :
10.1109/ICNSC.2007.372808
