Climate Change Data Portal
| PCA-subspace Method- Is it Good Enough for Network-wide Anomaly Detection | |
| Zhang, Bin; Yang, Jiahai; Wu, Jianping; Qin, Donghong; Gao, Lei | |
| 发表日期 | 2012 |
| ISSN | 1542-1201 |
| 起始页码 | 359 |
| 结束页码 | 367 |
| 英文摘要 | PCA-subspace method has been proposed for network-wide anomaly detection. Normal subspace contamination is still a great challenge for PCA although some methods are proposed to reduce the contamination. In this paper, we apply PCA-subspace method to six-month Origin-Destination (OD) flow data from the Abilene. The result shows that normal subspace contamination is mainly caused by anomalies from a few strongest OD flows, and seems unavoidable for subspace method. Further comparison of anomalies detected by subspace method and manually tagged anomalies from each OD flows, we find that anomalies detected by subspace method are mainly caused by anomalies from medium and a few large OD flows, and most anomalies of minor OD flows are buried in abnormal subspace and hard to be detected by PCA-subspace method. We analyze the reason for those anomalies undetected by subspace method and suggest to use normal subspace to detect anomalies caused by a few strongest OD flows, and to further divide abnormal subspace to detect more anomalies from minor OD flows. The goal of this paper is to address limitations neglected by prior works and further improve the subspace method on one hand, also call for novel detection methods for network-wide traffic on another hand. |
| WOS研究方向 | Computer Science ; Telecommunications |
| WOS类目 | Computer Science, Information Systems ; Telecommunications |
| 来源期刊 | 2012 IEEE NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM (NOMS)
 |
| 文献类型 | 期刊论文 |
| 条目标识符 | http://gcip.llas.ac.cn/handle/2XKMVOVA/158632 |
| 作者单位 | Zhang, B (corresponding author), Tsinghua Univ, Dept Comp Sci & Technol, Tsinghua Natl Lab Informat Sci & Technol, Network Res Ctr, Beijing 100084, Peoples R China. |
| 推荐引用方式 GB/T 7714 | Zhang, Bin,Yang, Jiahai,Wu, Jianping,et al. PCA-subspace Method- Is it Good Enough for Network-wide Anomaly Detection[J],2012. |
| APA | Zhang, Bin,Yang, Jiahai,Wu, Jianping,Qin, Donghong,&Gao, Lei.(2012).PCA-subspace Method- Is it Good Enough for Network-wide Anomaly Detection.2012 IEEE NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM (NOMS). |
| MLA | Zhang, Bin,et al."PCA-subspace Method- Is it Good Enough for Network-wide Anomaly Detection".2012 IEEE NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM (NOMS) (2012). |
| 条目包含的文件 | 条目无相关文件。 | |||||
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
