dc.contributor.author |
Chatzigiannakis, V |
en |
dc.contributor.author |
Androulidakis, G |
en |
dc.contributor.author |
Pelechrinis, K |
en |
dc.contributor.author |
Papavassiliou, S |
en |
dc.contributor.author |
Maglaris, V |
en |
dc.date.accessioned |
2014-03-01T02:44:32Z |
|
dc.date.available |
2014-03-01T02:44:32Z |
|
dc.date.issued |
2007 |
en |
dc.identifier.uri |
https://dspace.lib.ntua.gr/xmlui/handle/123456789/31871 |
|
dc.subject |
Anomaly Detection |
en |
dc.subject |
Large Scale |
en |
dc.subject |
Network Anomaly Detection |
en |
dc.subject |
Principal Component Analysis |
en |
dc.subject |
Theory of Evidence |
en |
dc.subject |
Data Fusion |
en |
dc.subject.other |
Anomaly detection algorithms |
en |
dc.subject.other |
Attack scenarios |
en |
dc.subject.other |
Data fusion algorithms |
en |
dc.subject.other |
International conferences |
en |
dc.subject.other |
Large scale networks |
en |
dc.subject.other |
Network Anomaly detection |
en |
dc.subject.other |
Numerica l results |
en |
dc.subject.other |
Operational principles |
en |
dc.subject.other |
Principal components |
en |
dc.subject.other |
Real data |
en |
dc.subject.other |
Shafer theory |
en |
dc.subject.other |
Wider range |
en |
dc.subject.other |
Administrative data processing |
en |
dc.subject.other |
Classification (of information) |
en |
dc.subject.other |
Financial data processing |
en |
dc.subject.other |
Fusion reactions |
en |
dc.subject.other |
Information fusion |
en |
dc.subject.other |
Nuclear physics |
en |
dc.subject.other |
Principal component analysis |
en |
dc.title |
Data fusion algorithms for network anomaly detection: Classification and evaluation |
en |
heal.type |
conferenceItem |
en |
heal.identifier.primary |
10.1109/ICNS.2007.49 |
en |
heal.identifier.secondary |
http://dx.doi.org/10.1109/ICNS.2007.49 |
en |
heal.identifier.secondary |
4438299 |
en |
heal.publicationDate |
2007 |
en |
heal.abstract |
In this paper, the problem of discovering anomalies in a large-scale network based on the data fusion of heterogeneous monitors is considered. We present a classification of anomaly detection algorithms based on data fusion, and motivated by this classification, the operational principles and characteristics of two different representative approaches, one based on the Demster-Shafer Theory of Evidence and one based on Principal Component Analysis, are described. The detection effectiveness of these strategies are evaluated and compared under different attack scenarios, based on both real data and simulations. Our study and corresponding numerical results revealed that in principle the conditions under which they operate efficiently are complementary, and therefore could be used effectively in an integrated way to detect a wider range of attacks. © 2007 IEEE. |
en |
heal.journalName |
3rd International Conference on Networking and Services,ICNS 2007 |
en |
dc.identifier.doi |
10.1109/ICNS.2007.49 |
en |