FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W85751471> ?p ?o ?g. }

• W85751471 abstract "Anomaly detection has become a vital component of any network in today's Internet. Ranging from non-malicious unexpected events such as flash-crowds and failures, to network attacks such as denials-of-service and network scans, network traffic anomalies can have serious detrimental effects on the performance and integrity of the network. The continuous arising of new anomalies and attacks create a continuous challenge to cope with events that put the network integrity at risk. Moreover, the inner polymorphic nature of traffic caused, among other things, by a highly changing protocol landscape, complicates anomaly detection system's task. In fact, most network anomaly detection systems proposed so far employ knowledge-dependent techniques, using either misuse detection signature-based detection methods or anomaly detection relying on supervisedlearning techniques. However, both approaches present major limitations: the former fails to detect and characterize unknown anomalies (letting the network unprotected for long periods) and the latter requires training over labeled normal traffic, which is a difficult and expensive stage that need to be updated on a regular basis to follow network traffic evolution. Such limitations impose a serious bottleneck to the previously presented problem. We introduce an unsupervised approach to detect and characterize network anomalies, without relying on signatures, statistical training, or labeled traffic, which represents a significant step towards the autonomy of networks. Unsupervised detection is accomplished by means of robust data-clustering techniques, combining Sub-Space clustering with Evidence Accumulation or Inter-Clustering Results Association, to blindly identify anomalies in traffic flows. Correlating the results of several unsupervised detections is also performed to improve detection robustness. The correlation results are further used along other anomaly characteristics to build an anomaly hierarchy in terms of dange rousness. Characterization is then achieved by building efficient filtering rules to describe a detected anomaly. The detection and characterization performances and sensitivities to parameters are evaluated over a substantial subset of the MAWI repository which contains real network traffic traces. Our work shows that unsupervised learning techniques allow anomaly detection systems to isolate anomalous traffic without any previous knowledge. We think that this contribution constitutes a great step towards autonomous network anomaly detection. This PhD thesis has been funded through the ECODE project by the European Commission under the Framework Programme 7. The goal of this project is to develop, implement, and validate experimentally a cognitive routing system that meet the challenges experienced by the Internet in terms of manageability and security, availability and accountability, as well as routing system scalability and quality. The concerned use case inside the ECODE project is network anomaly detection." @default.
• W85751471 created "2016-06-24" @default.
• W85751471 creator A5078574033 @default.
• W85751471 date "2011-12-19" @default.
• W85751471 modified "2023-09-26" @default.
• W85751471 title "Unsupervised network anomaly detection" @default.
• W85751471 hasPublicationYear "2011" @default.
• W85751471 type Work @default.
• W85751471 sameAs 85751471 @default.
• W85751471 citedByCount "1" @default.
• W85751471 countsByYear W857514712017 @default.
• W85751471 crossrefType "dissertation" @default.
• W85751471 hasAuthorship W85751471A5078574033 @default.
• W85751471 hasConcept C124101348 @default.
• W85751471 hasConcept C149635348 @default.
• W85751471 hasConcept C154945302 @default.
• W85751471 hasConcept C2780513914 @default.
• W85751471 hasConcept C41008148 @default.
• W85751471 hasConcept C73555534 @default.
• W85751471 hasConcept C739882 @default.
• W85751471 hasConceptScore W85751471C124101348 @default.
• W85751471 hasConceptScore W85751471C149635348 @default.
• W85751471 hasConceptScore W85751471C154945302 @default.
• W85751471 hasConceptScore W85751471C2780513914 @default.
• W85751471 hasConceptScore W85751471C41008148 @default.
• W85751471 hasConceptScore W85751471C73555534 @default.
• W85751471 hasConceptScore W85751471C739882 @default.
• W85751471 hasLocation W857514711 @default.
• W85751471 hasOpenAccess W85751471 @default.
• W85751471 hasPrimaryLocation W857514711 @default.
• W85751471 hasRelatedWork W1971585691 @default.
• W85751471 hasRelatedWork W2003990204 @default.
• W85751471 hasRelatedWork W2132467919 @default.
• W85751471 hasRelatedWork W2211041772 @default.
• W85751471 hasRelatedWork W2238042769 @default.
• W85751471 hasRelatedWork W2276955153 @default.
• W85751471 hasRelatedWork W2313003518 @default.
• W85751471 hasRelatedWork W2379693487 @default.
• W85751471 hasRelatedWork W2466747396 @default.
• W85751471 hasRelatedWork W2726296399 @default.
• W85751471 hasRelatedWork W2785391232 @default.
• W85751471 hasRelatedWork W2910977229 @default.
• W85751471 hasRelatedWork W2954054142 @default.
• W85751471 hasRelatedWork W3002384864 @default.
• W85751471 hasRelatedWork W3012046681 @default.
• W85751471 hasRelatedWork W3197584391 @default.
• W85751471 hasRelatedWork W3198434560 @default.
• W85751471 hasRelatedWork W2217658103 @default.
• W85751471 hasRelatedWork W2339810648 @default.
• W85751471 hasRelatedWork W2477352616 @default.
• W85751471 isParatext "false" @default.
• W85751471 isRetracted "false" @default.
• W85751471 magId "85751471" @default.
• W85751471 workType "dissertation" @default.