|
|
For Full-Text PDF, please login, if you are a member of IEICE,
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
|
Unsupervised Learning Model for Real-Time Anomaly Detection in Computer Networks
Kriangkrai LIMTHONG Kensuke FUKUDA Yusheng JI Shigeki YAMADA
Publication
IEICE TRANSACTIONS on Information and Systems
Vol.E97-D
No.8
pp.2084-2094
Publication Date: 2014/08/01
Online ISSN: 1745-1361
DOI: 10.1587/transinf.E97.D.2084
Type of Manuscript: PAPER
Category: Information Network
Keyword:
machine learning, multivariate normal distribution, nearest neighbor, one-class support vector machine,
Full Text: PDF(1019.5KB)>>
Summary:
Detecting a variety of anomalies caused by attacks or accidents in computer networks has been one of the real challenges for both researchers and network operators. An effective technique that could quickly and accurately detect a wide range of anomalies would be able to prevent serious consequences for system security or reliability. In this article, we characterize detection techniques on the basis of learning models and propose an unsupervised learning model for real-time anomaly detection in computer networks. We also conducted a series of experiments to examine capabilities of the proposed model by employing three well-known machine learning algorithms, namely multivariate normal distribution, k-nearest neighbor, and one-class support vector machine. The results of these experiments on real network traffic suggest that the proposed model is a promising solution and has a number of flexible capabilities to detect several types of anomalies in real time.
|
|
