A New Algorithm for Network Anomaly Detection

In this paper, a new algorithm is suggested to solve the network traffic anomaly detection problem. Wavelet generalized likelihood ratio (WGLR) algorithm, which smartly combines generalized likelihood ratio algorithm and wavelet method, and captures the failure point in real time. Simulating and network traffic experiment has demonstrated that the algorithm has the better performance in fault detection

[1]  Birsen Yazici,et al.  Kalman filtering for self-similar processes , 2006, Signal Process..

[2]  Symeon Papavassiliou,et al.  A network fault diagnostic approach based on a statistical traffic normality prediction algorithm , 2003, GLOBECOM '03. IEEE Global Telecommunications Conference (IEEE Cat. No.03CH37489).

[3]  S. Mallat A wavelet tour of signal processing , 1998 .

[4]  Fan Zhang,et al.  Characterizing Normal Operation of a Web Server: Application to Workload Forecasting and Problem Determination , 1998, Int. CMG Conference.

[5]  Roy A. Maxion,et al.  Anomaly detection for diagnosis , 1990, [1990] Digest of Papers. Fault-Tolerant Computing: 20th International Symposium.

[6]  Marina Thottan,et al.  Adaptive thresholding for proactive network problem detection , 1998, Proceedings of the IEEE Third International Workshop on Systems Management.

[7]  Vern Paxson,et al.  Fast, approximate synthesis of fractional Gaussian noise for generating self-similar network traffic , 1997, CCRV.

[8]  J.W.R. Griffiths An Introduction to Statistical Signal Processing with Applications , 1980 .