Enforcing Privacy in Distributed Multi-Domain Network Anomaly Detection

In this paper, we propose a distributed PCA-based method for detecting anomalies in network traffic. By means of multi-party computation techniques, the method also addresses the different privacy constraints that arise in a multi-domain network scenario, while preserving the same performance as the centralised implementation (with only a limited overhead).
