A New Approach to Dimensionality Reduction for Anomaly Detection in Data Traffic

Tingshan Huang; Harish Sethu; Nagarajan Kandasamy

doi:10.1109/TNSM.2016.2597125

Back

A New Approach to Dimensionality Reduction for Anomaly Detection in Data Traffic

Journal article

Open access

Peer reviewed

A New Approach to Dimensionality Reduction for Anomaly Detection in Data Traffic

Tingshan Huang, Harish Sethu and Nagarajan Kandasamy

IEEE eTransactions on network and service management, Vol.13(3), pp.651-665

Sep 2016

DOI: https://doi.org/10.1109/TNSM.2016.2597125

Files and links (1)

url

https://doi.org/10.1109/tnsm.2016.2597125View

Accepted (AM)Open Access (Publisher-Specific), Open

Abstract

anomaly detection

Covariance matrices

Dimensionality reduction

Feature extraction

Monitoring

Principal component analysis

Real-time systems

subspace

Temperature measurement

Training data

The monitoring and management of high-volume feature-rich traffic in large networks offers significant challenges in storage, transmission, and computational costs. The predominant approach to reducing these costs is based on performing a linear mapping of the data to a low-dimensional subspace such that a certain large percentage of the variance in the data is preserved in the low-dimensional representation. This variance-based subspace approach to dimensionality reduction forces a fixed choice of the number of dimensions, is not responsive to real-time shifts in observed traffic patterns, and is vulnerable to normal traffic spoofing. Based on theoretical insights proved in this paper, we propose a new distance-based approach to dimensionality reduction motivated by the fact that the real-time structural differences between the covariance matrices of the observed and the normal traffic is more relevant to anomaly detection than the structure of the training data alone. Our approach, called the distance-based subspace method, allows a different number of reduced dimensions in different time windows and arrives at only the number of dimensions necessary for effective anomaly detection. We present centralized and distributed versions of our algorithm and, using simulation on real traffic traces, demonstrate the qualitative and quantitative advantages of the distance-based subspace approach.

Metrics

3 Record Views

33 Citations (source Web of Science)

Details

Title: A New Approach to Dimensionality Reduction for Anomaly Detection in Data Traffic
Creators: Tingshan Huang - Akamai
Harish Sethu - Drexel University
Nagarajan Kandasamy - Drexel University
Publication Details: IEEE eTransactions on network and service management, Vol.13(3), pp.651-665
Publisher: IEEE
Grant note: #1228847 / National Science Foundation (10.13039/100000001)
Resource Type: Journal article
Language: English
Academic Unit: Electrical and Computer Engineering
Identifiers: 991019168087704721

UN Sustainable Development Goals (SDGs)

This output has contributed to the advancement of the following goals:

Source: InCites

InCites Highlights

These are selected metrics from InCites Benchmarking & Analytics tool, related to this output

Web of Science research areas: Computer Science, Information Systems

A New Approach to Dimensionality Reduction for Anomaly Detection in Data Traffic

Files and links (1)

Abstract

Metrics

Details

UN Sustainable Development Goals (SDGs)

InCites Highlights

Drexel University Social media