Approaches for Anomaly Detection in Network : A Survey

In recent years there is a constant rise in cyber attacks. These attacks affect not only the individuals but the organizations at large also. To detect these attacks requires high-end systems, since there is continuous flow of data to-and-from the network. This huge data flow makes it difficult to analyze traffic and identify anomalous communication. Rule based engines are capable of identifying sophisticated attacks, but it fails to identify unknown and new attacks as the rules are always based on prior knowledge of the administrators. It is virtually impossible to code all the rules beforehand that may capture all the attacks. Most of the attacks have common characteristics, i.e. abnormal or anomalous network communication, authentication attempts or access attempts on objects. This work surveys different approaches to detect anomalies in network communication.