Title :
A novel multi time-scales PCA-based anomaly detection system
Author :
Callegari, Christian ; Gazzarrini, Loris ; Giordano, Stefano ; Pagano, Michele ; Pepe, Teresa
Author_Institution :
Dept. of Inf. Eng., Univ. of Pisa, Pisa, Italy
Abstract :
The increasing number of network attacks causes growing problems for network operators and users. Thus, detecting anomalous traffic is of primary interest in IP networks management. In this paper we address the problem considering a method based on PCA for detecting network anomalies. In more detail, we present a new technique that extends the state of the art in PCA based anomaly detection. Indeed, by means of multi scale analysis we are able to obtain great improvements with respect to the performance of the "classical" approach. Moreover we also introduce a method for identifying the flows responsible for an anomaly detected at the aggregated level. The performance analysis, presented in this paper, demonstrates the effectiveness of the proposed method.
Keywords :
IP networks; principal component analysis; telecommunication network management; telecommunication security; telecommunication traffic; IP networks management; anomalous traffic detection; anomaly detection system; multi-time-scales PCA; multiscale analysis; network attacks; network operators; network users; Aggregates; Detectors; Entropy; Histograms; IP networks; Principal component analysis; Yttrium;
Conference_Titel :
Performance Evaluation of Computer and Telecommunication Systems (SPECTS), 2010 International Symposium on
Conference_Location :
Ottawa, ON
Print_ISBN :
978-1-56555-340-8
