Abstract
This paper discusses several issues in the evaluation and comparison of anomaly detection algorithms, namely the lack of publicly available implementations and annotated data sets. Another problem of many methods is a detection delay caused by operating on data binned into long time intervals. The paper presents a library under development that aims to tackle the comparison and evaluation issues. Further, the paper proposes a novel anomaly detection approach that can contribute to anomaly detection in real time.
Copyright information
© 2012 IFIP International Federation for Information Processing
About this paper
Cite this paper
Bartoš, V., Žádník, M. (2012). Network Anomaly Detection: Comparison and Real-Time Issues. In: Sadre, R., Novotný, J., Čeleda, P., Waldburger, M., Stiller, B. (eds) Dependable Networks and Services. AIMS 2012. Lecture Notes in Computer Science, vol 7279. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30633-4_15
DOI: https://doi.org/10.1007/978-3-642-30633-4_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-30632-7
Online ISBN: 978-3-642-30633-4
eBook Packages: Computer Science, Computer Science (R0)
