Conference proceeding
A fast algorithm for detecting anomalous changes in network traffic
The Institute of Electrical and Electronics Engineers, Inc. (IEEE) Conference Proceedings
01 Nov 2015
Abstract
Conference Title: 2015 11th International Conference on Network and Service Management (CNSM) Conference Start Date: 2015, Nov. 9 Conference End Date: 2015, Nov. 13 Conference Location: Barcelona, Spain Anomalies in communication network traffic caused by malware or denial-of-service attacks manifest themselves in structural changes in the covariance matrix of traffic features. Real-time detection of anomalies in high-dimensional data demands a very efficient algorithm to identify these changes in a compact low-dimensional representation. This paper presents an efficient algorithm for the rapid detection of structural differences between two covariance matrices, as measured by the maximum possible angle between the subspaces specified by subsets of the two sets of principal components of the matrices. We show that our algorithm achieves a significantly lower computational complexity compared to a naive approach. Finally, we apply our results to real traffic traces from Internet backbone links and show that our approach offers a substantial reduction in the computational overhead of anomaly detection.
Metrics
9 Record Views
Details
- Title
- A fast algorithm for detecting anomalous changes in network traffic
- Creators
- Tingshan HuangHarish SethuNagarajan Kandasamy
- Publication Details
- The Institute of Electrical and Electronics Engineers, Inc. (IEEE) Conference Proceedings
- Publisher
- The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
- Resource Type
- Conference proceeding
- Language
- English
- Academic Unit
- Electrical and Computer Engineering
- Identifiers
- 991019170376204721