Detecting and identifying network anomalies by component analysis

Le The Quyen, Marat Zhanikeev, Yoshiaki Tanaka

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Citation (Scopus)

Abstract

Many research works address detection and identification of network anomalies using traffic analysis. This paper considers large topologies, such as those of an ISP, with traffic analysis performed on multiple links simultaneously. This is made possible by using a combination of simple online traffic parameters and specific data from headers of selective packets. Even though large networks may have many network links and a lot of traffic, the analysis is simplified by using the Principal Component Analysis (PCA) subspace method. The proposed method proves that aggregation of such traffic profiles on large topologies allows identification of a certain set of anomalies with a high level of certainty.

Original language: English
Title of host publication: Management of Convergence Networks and Services - 9th Asia-Pacific Network Operations and Management Symposium, APNOMS 2006, Proceedings
Publisher: Springer Verlag
Pages: 501-504
Number of pages: 4
ISBN (Print): 3540457763, 9783540457763
DOIs: https://doi.org/10.1007/11876601_51
Publication status: Published - 2006
Event: 9th Asia-Pacific Network Operations and Management Symposium, APNOMS 2006 - Busan, Korea, Republic of
Duration: 2006 Sep 27 to 2006 Sep 29

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 4238 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: 9th Asia-Pacific Network Operations and Management Symposium, APNOMS 2006
Country: Korea, Republic of
City: Busan
Period: 06/9/27 to 06/9/29

Keywords

  • Anomaly detection
  • Anomaly identification
  • Network anomalies
  • Principal component analysis
  • Traffic analysis

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

  • Cite this

    Quyen, L. T., Zhanikeev, M., & Tanaka, Y. (2006). Detecting and identifying network anomalies by component analysis. In Management of Convergence Networks and Services - 9th Asia-Pacific Network Operations and Management Symposium, APNOMS 2006, Proceedings (pp. 501-504). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4238 LNCS). Springer Verlag. https://doi.org/10.1007/11876601_51