Wavelet Methods for the Detection of Anomalies and their Application to Network Traffic Analysis

Here we develop an integrated tool for the online detection of network anomalies. We consider statistical change point detection algorithms, for both local changes in the variance and for the detection of jumps, and propose modified versions of these algorithms based on moving window techniques. We investigate performances on simulated data and on network traffic data with several superimposed attacks. All detection methods are based on wavelet packet transforms. Copyright c

[1]  M. Victor Wickerhauser,et al.  Adapted wavelet analysis from theory to software , 1994 .

[2]  Anja Feldmann,et al.  Scaling Analysis of Conservative Cascades, with Applications to Network Traffic , 1999, IEEE Trans. Inf. Theory.

[3]  Arjun K. Gupta,et al.  Testing and Locating Variance Changepoints with Application to Stock Prices , 1997 .

[4]  Marina Vannucci,et al.  Detecting Traffic Anomalies through Aggregate Analysis of Packet Header Data , 2004, NETWORKING.

[5]  Yazhen Wang Jump and sharp cusp detection by wavelets , 1995 .

[6]  G. Schwarz Estimating the Dimension of a Model , 1978 .

[7]  Anthony C. Davison,et al.  Wavestrapping time series: Adaptive wavelet-based bootstrapping , 2000 .

[8]  Michael R. Chernick,et al.  Wavelet Methods for Time Series Analysis , 2001, Technometrics.

[9]  Ingrid Daubechies,et al.  Ten Lectures on Wavelets , 1992 .

[10]  G. Box,et al.  On a measure of lack of fit in time series models , 1978 .

[11]  Anna C. Gilbert,et al.  Multiscale Analysis and Data Networks , 2001 .

[12]  Walter Willinger,et al.  Wavelet analysis of conservative cascades , 2003 .

[13]  M. Vannucci,et al.  Wavelet Packet Methods for the Analysis of Variance of Time Series With Application to Crack Widths on the Brunelleschi Dome , 2004 .

[14]  Stéphane Mallat,et al.  A Theory for Multiresolution Signal Decomposition: The Wavelet Representation , 1989, IEEE Trans. Pattern Anal. Mach. Intell..

[15]  H. Akaike A new look at the statistical model identification , 1974 .

[16]  Brandon Whitcher,et al.  Simulating Gaussian Stationary Processes With Unbounded Spectra , 2001 .

[17]  G. C. Tiao,et al.  Use of Cumulative Sums of Squares for Retrospective Detection of Changes of Variance , 1994 .

[18]  Richard G. Baraniuk,et al.  Network Traffic Modeling Using a Multifractal Wavelet Model , 2001 .

[19]  I. Johnstone,et al.  Ideal spatial adaptation by wavelet shrinkage , 1994 .

[20]  Peter Guttorp,et al.  Multiscale detection and location of multiple variance changes in the presence of long memory , 2000 .

[21]  Sandra L. Berger Massachusetts , 1896, The Journal of comparative medicine and veterinary archives.

[22]  Brandon J. Whitcher,et al.  Wavelet-Based Estimation for Seasonal Long-Memory Processes , 2004, Technometrics.