Black Box Anomaly Detection: Is It Utopian?

Authors: Juan Caballero, Dawn Song, Avrim Blum, Shobha Venkataraman, Jennifer Yates

Abstract: Automatic identification of anomalies on network data is a problem of fundamental interest to ISPs to diagnose incipient problems in their networks. ISPs gather diverse data sources from the network for monitoring, diagnostics or provisioning tasks. Finding anomalies in this data is a huge challenge due to the volume of data collected, and the number and diversity of anomalies to be detected. In this paper we introduce a framework for anomaly detection that allows the construction of a black box anomaly detector. This detector can be used for automatically finding anomalies with minimal human intervention. Our framework also allows us to deal with the different types of data collected from the network. We have developed a prototype of this framework, TrafficComber, and are in the process of evaluating it using the data warehouse of a tier-1 ISP.
