HEAL DSpace

Data fusion algorithms for network anomaly detection: Classification and evaluation

Αποθετήριο DSpace/Manakin

Εμφάνιση απλής εγγραφής

dc.contributor.author Chatzigiannakis, V en
dc.contributor.author Androulidakis, G en
dc.contributor.author Pelechrinis, K en
dc.contributor.author Papavassiliou, S en
dc.contributor.author Maglaris, V en
dc.date.accessioned 2014-03-01T02:44:32Z
dc.date.available 2014-03-01T02:44:32Z
dc.date.issued 2007 en
dc.identifier.uri https://dspace.lib.ntua.gr/xmlui/handle/123456789/31871
dc.subject Anomaly Detection en
dc.subject Large Scale en
dc.subject Network Anomaly Detection en
dc.subject Principal Component Analysis en
dc.subject Theory of Evidence en
dc.subject Data Fusion en
dc.subject.other Anomaly detection algorithms en
dc.subject.other Attack scenarios en
dc.subject.other Data fusion algorithms en
dc.subject.other International conferences en
dc.subject.other Large scale networks en
dc.subject.other Network Anomaly detection en
dc.subject.other Numerica l results en
dc.subject.other Operational principles en
dc.subject.other Principal components en
dc.subject.other Real data en
dc.subject.other Shafer theory en
dc.subject.other Wider range en
dc.subject.other Administrative data processing en
dc.subject.other Classification (of information) en
dc.subject.other Financial data processing en
dc.subject.other Fusion reactions en
dc.subject.other Information fusion en
dc.subject.other Nuclear physics en
dc.subject.other Principal component analysis en
dc.title Data fusion algorithms for network anomaly detection: Classification and evaluation en
heal.type conferenceItem en
heal.identifier.primary 10.1109/ICNS.2007.49 en
heal.identifier.secondary http://dx.doi.org/10.1109/ICNS.2007.49 en
heal.identifier.secondary 4438299 en
heal.publicationDate 2007 en
heal.abstract In this paper, the problem of discovering anomalies in a large-scale network based on the data fusion of heterogeneous monitors is considered. We present a classification of anomaly detection algorithms based on data fusion, and motivated by this classification, the operational principles and characteristics of two different representative approaches, one based on the Demster-Shafer Theory of Evidence and one based on Principal Component Analysis, are described. The detection effectiveness of these strategies are evaluated and compared under different attack scenarios, based on both real data and simulations. Our study and corresponding numerical results revealed that in principle the conditions under which they operate efficiently are complementary, and therefore could be used effectively in an integrated way to detect a wider range of attacks. © 2007 IEEE. en
heal.journalName 3rd International Conference on Networking and Services,ICNS 2007 en
dc.identifier.doi 10.1109/ICNS.2007.49 en


Αρχεία σε αυτό το τεκμήριο

Αρχεία Μέγεθος Μορφότυπο Προβολή

Δεν υπάρχουν αρχεία που σχετίζονται με αυτό το τεκμήριο.

Αυτό το τεκμήριο εμφανίζεται στην ακόλουθη συλλογή(ές)

Εμφάνιση απλής εγγραφής