Detecting anomalous traffic with low false alarm rates is of primary interest in IP networks management. In this paper we propose a novel anomaly detection system, based on a combined use of sketches and of a novel bivariate non-parametric detection method. The latter allows us to simultaneously analyse two different traffic features so as to improve the performance of the "classical" detection systems, in terms of both detection rate and false alarm rate. The preliminary performance analysis, presented in this paper, demonstrates the effectiveness of the proposed system.
Bivariate non-parametric anomaly detection
CALLEGARI, CHRISTIAN;GIORDANO, STEFANO;PAGANO, MICHELE
2014-01-01
Abstract
Detecting anomalous traffic with low false alarm rates is of primary interest in IP networks management. In this paper we propose a novel anomaly detection system, based on a combined use of sketches and of a novel bivariate non-parametric detection method. The latter allows us to simultaneously analyse two different traffic features so as to improve the performance of the "classical" detection systems, in terms of both detection rate and false alarm rate. The preliminary performance analysis, presented in this paper, demonstrates the effectiveness of the proposed system.File in questo prodotto:
Non ci sono file associati a questo prodotto.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
