Title :
Understanding and Evaluating the Impact of Sampling on Anomaly Detection Techniques
Author :
Androulidakis, Georgios ; Chatzigiannakis, Vasilis ; Papavassiliou, Symeon ; Grammatikou, Mary ; Maglaris, Vasilis
Author_Institution :
Sch. of Electr. & Comput. Eng., Nat. Tech. Univ. of Athens
Abstract :
In this paper, the emphasis is placed on the evaluation of the impact of various packet sampling techniques that have been proposed in the PSAMP IETF draft, on two widely used anomaly detection approaches. More specifically, we evaluate the behavior of a sequential nonparametric change-point detection method and an algorithm based on principal component analysis (PCA) with the use of different metrics, under different traffic and measurement sampling methodologies. One of the key objectives of our study is to gain some insight about the feasibility and scalability of the anomaly detection process, by analyzing and understanding the tradeoff of reducing the volume of collected data while still maintaining the accuracy and effectiveness in the anomaly detection
Keywords :
Internet; computer network reliability; principal component analysis; sampling methods; telecommunication traffic; Internet; PCA; PSAMP IETF draft; anomaly detection approach; packet sampling technique; principal component analysis; sequential nonparametric change-point detection method; Computer network management; Computer networks; Design engineering; Engineering management; IP networks; Monitoring; Principal component analysis; Sampling methods; Scalability; Telecommunication traffic;
Conference_Titel :
Military Communications Conference, 2006. MILCOM 2006. IEEE
Conference_Location :
Washington, DC
Print_ISBN :
1-4244-0617-X
Electronic_ISBN :
1-4244-0618-8
DOI :
10.1109/MILCOM.2006.302407
