A lightweight network anomaly detection technique
Journal Article · 2017 International Conference on Computing, Networking and Communications, ICNC 2017
- Texas A & M Univ., Commerce, TX (United States)
- Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States)
- Electronics and Telecommunications Research Inst. (ETRI), Daejeon (Korea, Republic of)
While network anomaly detection is essential in network operations and management, performing the first line of detection becomes more challenging against the exponentially increasing volume of network traffic. In this paper, we develop a technique for the first line of online anomaly detection with two important considerations: (i) availability of traffic attributes during the monitoring time, and (ii) computational scalability for streaming data. The presented learning technique is lightweight and highly scalable thanks to an approximation based on grid partitioning of the given dimensional space. With the public traffic traces of KDD Cup 1999 and NSL-KDD, we show that our technique yields detection accuracy of 98.5% and 83%, respectively, using only a couple of readily available traffic attributes that can be obtained without the help of post-processing. Finally, the results are at least comparable with classical learning methods including decision tree and random forest, with approximately two orders of magnitude faster learning performance.
- Research Organization: Electronics and Telecommunications Research Inst. (ETRI), Daejeon (Korea, Republic of); Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States)
- Sponsoring Organization: Ministry of Science, ICT and Future Planning (MSIP) (Korea, Republic of); USDOE Office of Science (SC), Advanced Scientific Computing Research (ASCR) (SC-21); USDOE Office of Science (SC), Workforce Development for Teachers and Scientists (WDTS) (SC-27)
- Grant/Contract Number: AC02-05CH11231
- OSTI ID: 1379772
- Journal Information: 2017 International Conference on Computing, Networking and Communications, ICNC 2017
- Country of Publication: United States
- Language: English