Title :
Using Ant Colony Optimization metaheuristic and Dynamic Time Warping for anomaly detection
Author :
Carvalho, Luiz F. ; Rodrigues, Joel J. P. C. ; Barbon, Sylvio ; Lemes Proenca, Mario
Author_Institution :
Comput. Sci. Dept., State Univ. of Londrina (UEL), Londrina, Brazil
Abstract :
Traffic monitoring is an essential tool to ensure network availability and its correct operation. To accomplish this task automatically, we present the DSNSF (Digital Signature of Network Segment using Flow analysis), which characterizes the normal behavior of network traffic. For the DSNSF creation a modification of Ant Colony Optimization metaheuristic is used, which improves the extraction of information, defining a normal profile. Furthermore, we propose a model based on DTW (Dynamic Time Warping) pattern matching technique for anomaly detecting, allowing the recognition of deviant behavior moving in time and those who are punctual. The anomaly notifications are multilevel, in order not to overload the network administrator with false reports. To evaluate the proposed system, IP flows from a real data set were used.
Keywords :
IP networks; ant colony optimisation; computer network reliability; computer network security; digital signatures; pattern matching; telecommunication traffic; DSNSF; DTW pattern matching technique; IP flow; anomaly detection; ant colony optimization metaheuristic modification; deviant behavior recognition; digital signature of network segment using flow analysis; dynamic time warping pattern matching technique; information extraction; network availability; network traffic monitoring;
Conference_Titel :
Software, Telecommunications and Computer Networks (SoftCOM), 2013 21st International Conference on
Conference_Location :
Primosten
DOI :
10.1109/SoftCOM.2013.6671906
