Anomaly Detection in Network Traffic Using Selected Methods of Time Series Analysis

This paper proposes a few methods for detecting anomalies in computer networks using time series analysis. Particular attention is given to Brown's exponential smoothing, seasonal decomposition, naive forecasting, and the Exponential Moving Average method. The anomaly detection methods were validated using experimental data sets and statistical analysis, which showed that the proposed methods can efficiently detect unusual situations in network traffic. This means that time series methods can be used successfully to model and predict traffic in computer networks, as well as to detect some unusual or unwanted events in network traffic.
