NetFlow Anomaly Detection Though Parallel Cluster Density Analysis in Continuous Time-Series

Cited by: 2
Authors
Flanagan, Kieran [1 ,2 ]
Fallon, Enda [1 ]
Connolly, Paul [2 ]
Awad, Abir [3 ]
Affiliations
[1] Athlone Inst Technol, Software Res Inst, Athlone, Ireland
[2] NPD Grp Inc, IDA Business Pk, Athlone, Westmeath, Ireland
[3] Univ South Wales, Fac Comp Engn & Sci, Treforest, Wales
Source
WIRED/WIRELESS INTERNET COMMUNICATIONS, WWIC 2017 | 2017 / Vol. 10372
Keywords
Anomaly detection; NetFlow; Clustering; Density analysis;
DOI
10.1007/978-3-319-61382-6_18
Chinese Library Classification number
TP301 [Theory, Methods];
Discipline classification code
081202;
Abstract
The increase in malicious network based attacks has resulted in a growing interest in network anomaly detection. The ability to detect unauthorized or malicious activity on a network is of importance to any organization. With the increase in novel attacks, anomaly detection techniques can be more successful in detecting unknown malicious activity in comparison to traditional signature based methods. However, in a real-world environment, there are many variables that cannot be simulated. This paper proposes an architecture where parallel clustering algorithms work concurrently in order to detect abnormalities that may be lost while traversing over time-series windows. The presented results describe the NetFlow activity of the NPD Group, Inc. over a 24-hour period. The presented results contain real-world anomalies that were detected.
Pages: 221 - 232
Number of pages: 12