NetFlow Anomaly Detection Though Parallel Cluster Density Analysis in Continuous Time-Series

Cited by: 2
Authors
Flanagan, Kieran [1, 2]
Fallon, Enda [1]
Connolly, Paul [2]
Awad, Abir [3]
Affiliations
[1] Athlone Inst Technol, Software Res Inst, Athlone, Ireland
[2] NPD Grp Inc, IDA Business Pk, Athlone, Westmeath, Ireland
[3] Univ South Wales, Fac Comp Engn & Sci, Treforest, Wales
Source
WIRED/WIRELESS INTERNET COMMUNICATIONS, WWIC 2017 | 2017 / Vol. 10372
Keywords
Anomaly detection; NetFlow; Clustering; Density analysis;
DOI
10.1007/978-3-319-61382-6_18
Chinese Library Classification number
TP301 [Theory, Methods];
Discipline classification code
081202;
Abstract
The increase in malicious network based attacks has resulted in a growing interest in network anomaly detection. The ability to detect unauthorized or malicious activity on a network is of importance to any organization. With the increase in novel attacks, anomaly detection techniques can be more successful in detecting unknown malicious activity in comparison to traditional signature based methods. However, in a real-world environment, there are many variables that cannot be simulated. This paper proposes an architecture where parallel clustering algorithms work concurrently in order to detect abnormalities that may be lost while traversing over time-series windows. The presented results describe the NetFlow activity of the NPD Group, Inc. over a 24-hour period. The presented results contain real-world anomalies that were detected.
Pages: 221 - 232
Number of pages: 12