An overview of flow-based anomaly detection

Cited by: 9
Authors
Sharma, Rohini [1]
Guleria, Ajay [2]
Singla, R. K. [1]
Affiliations
[1] Panjab Univ, Dept Comp Sci & Applicat, Chandigarh, India
[2] Panjab Univ, Comp Ctr, Chandigarh, India
Keywords
network flows; anomaly detection; security; privacy; flow-based dataset; statistical techniques; machine learning; clustering; frequent pattern mining; software agents;
DOI
10.1504/IJCNDS.2018.10014505
Chinese Library Classification
TP [Automation Technology, Computer Technology];
Discipline classification code
0812;
Abstract
Intrusions in computer networks are handled using misuse or anomaly-based solutions. Deep packet inspection is generally incorporated in solutions for better detection and mitigation, but with the growth of networks at exponential speed, it has become an expensive solution and makes real-time detection difficult. In this paper, network flows-based anomaly detection techniques are reviewed. The review starts with motivation behind using network flows and justifies why flow-based anomaly detection is the need of the hour. Flow-based datasets are also investigated and reviewed. The main focus is on techniques and methodologies used by researchers for anomaly detection in computer networks. The techniques reviewed are categorised into five classes: statistical, machine learning, clustering, frequent pattern mining and agent-based. At the end, the core research problems and open challenges are discussed.
Pages: 220 - 240
Number of pages: 21