Academic literature on the topic 'Network anomaly'

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Network anomaly.'

Journal articles on the topic "Network anomaly"

1

García González, Gastón, Pedro Casas, Alicia Fernández, and Gabriel Gómez. "On the Usage of Generative Models for Network Anomaly Detection in Multivariate Time-Series." ACM SIGMETRICS Performance Evaluation Review 48, no. 4 (2021): 49–52. http://dx.doi.org/10.1145/3466826.3466843.

Abstract:
Despite the many attempts and approaches for anomaly detection explored over the years, the automatic detection of rare events in data communication networks remains a complex problem. In this paper we introduce Net-GAN, a novel approach to network anomaly detection in time-series, using recurrent neural networks (RNNs) and generative adversarial networks (GAN). Different from the state of the art, which traditionally focuses on univariate measurements, Net-GAN detects anomalies in multivariate time-series, exploiting temporal dependencies through RNNs. Net-GAN discovers the underlying distribution of the baseline, multivariate data, without making any assumptions on its nature, offering a powerful approach to detect anomalies in complex, difficult to model network monitoring data. We further exploit the concepts behind generative models to conceive Net-VAE, a complementary approach to Net-GAN for network anomaly detection, based on variational auto-encoders (VAE). We evaluate Net-GAN and Net-VAE in different monitoring scenarios, including anomaly detection in IoT sensor data, and intrusion detection in network measurements. Generative models represent a promising approach for network anomaly detection, especially when considering the complexity and ever-growing number of time-series to monitor in operational networks.
2

Dymora, Paweł, Miroslaw Mazurek, and Sławomir Jaskółka. "VoIP Anomaly Detection - selected methods of statistical analysis." Annales Universitatis Mariae Curie-Sklodowska, sectio AI – Informatica 16, no. 2 (2017): 14. http://dx.doi.org/10.17951/ai.2016.16.2.14.

Abstract:
Self-similarity analysis and anomaly detection in networks are interesting fields of research and scientific work of scientists around the world. Simulation studies have demonstrated that the Hurst parameter estimation can be used to detect traffic anomaly. The actual network traffic is self-similar or long-range dependent. The dramatic expansion of applications on modern networks gives rise to a fundamental challenge to network security. The Hurst values are compared with confidence intervals of normal values to detect anomaly in VoIP.
3

Patel, Darsh, Kathiravan Srinivasan, Chuan-Yu Chang, Takshi Gupta, and Aman Kataria. "Network Anomaly Detection inside Consumer Networks—A Hybrid Approach." Electronics 9, no. 6 (2020): 923. http://dx.doi.org/10.3390/electronics9060923.

Abstract:
With an increasing number of Internet of Things (IoT) devices in the digital world, the attack surface for consumer networks has been increasing exponentially. Most of the compromised devices are used as zombies for attacks such as Distributed Denial of Services (DDoS). Consumer networks, unlike most commercial networks, lack the infrastructure such as managed switches and firewalls to easily monitor and block undesired network traffic. To counter such a problem with limited resources, this article proposes a hybrid anomaly detection approach that detects irregularities in the network traffic implicating compromised devices by using only elementary network information like Packet Size, Source, and Destination Ports, Time between subsequent packets, Transmission Control Protocol (TCP) Flags, etc. Essential features can be extracted from the available data, which can further be used to detect zero-day attacks. The paper also provides the taxonomy of various approaches to classify anomalies and description on capturing network packets inside consumer networks.
4

Lalitha, K. V., and V. R. Josna. "Traffic Verification for Network Anomaly Detection in Sensor Networks." Procedia Technology 24 (2016): 1400–1405. http://dx.doi.org/10.1016/j.protcy.2016.05.161.

5

Naseer, Sheraz, Yasir Saleem, Shehzad Khalid, et al. "Enhanced Network Anomaly Detection Based on Deep Neural Networks." IEEE Access 6 (2018): 48231–46. http://dx.doi.org/10.1109/access.2018.2863036.

6

Zhang, Huajie, Sen Zhang, and Marlia Mohd Hanafiah. "Localization and recognition algorithm for fuzzy anomaly data in big data networks." Open Physics 16, no. 1 (2018): 1076–84. http://dx.doi.org/10.1515/phys-2018-0128.

Abstract:
In order to accurately detect the fuzzy anomaly data existing in big data networks, it is necessary to study the localization and recognition algorithm. The current algorithms have problems related to poor noise reduction, low recognition efficiency, high energy consumption and low accuracy. A novel localization and recognition algorithm for fuzzy anomaly data in big data networks is proposed. The multi-wavelet denoising method is used to remove the noise signals existing in the network. The k-means algorithm is utilized for network clustering, and the association mode between nodes and the unitary linearity regression model is adopted to eliminate spatially and temporally redundant data that exist in big data networks. The similarity anomaly detection method based on multi-feature aggregation identifies fuzzy anomaly data existing in big data networks, establishes an anomaly data localization model, and completes the localization and recognition of fuzzy anomaly data. Experimental results show that the proposed method has good noise reduction, high recognition efficiency, low energy consumption and high accuracy of localization and recognition.
7

Das, Krishna, and Smriti Kumar Sinha. "Centrality measure based approach for detection of malicious nodes in twitter social network." International Journal of Engineering & Technology 7, no. 4.5 (2018): 518. http://dx.doi.org/10.14419/ijet.v7i4.5.21147.

Abstract:
In this short paper, a network structural measure called centrality measure based mathematical approach is used for detection of malicious nodes in the Twitter social network. One of the objectives in analysing social networks is to detect malicious nodes which show anomalous behaviours in social networks. There are different approaches for anomaly detection in social networks such as opinion mining methods, behavioural methods, network structural approach etc. Centrality measure, a graph theoretical method related to social network structure, can be used to categorize a node either as a popular and influential or as a non-influential and anomalous node. Using this approach, we have analyzed the Twitter social network to remove anomalous nodes from the nodes-edges Twitter data set. Thus removal of these kinds of nodes, which are not important for information diffusion in the social network, makes the social network clean & speedy in fast information propagation.
8

Naseer, Sheraz, Rao Faizan Ali, P. D. D. Dominic, and Yasir Saleem. "Learning Representations of Network Traffic Using Deep Neural Networks for Network Anomaly Detection: A Perspective towards Oil and Gas IT Infrastructures." Symmetry 12, no. 11 (2020): 1882. http://dx.doi.org/10.3390/sym12111882.

Abstract:
Oil and Gas organizations are dependent on their IT infrastructure, which is a small part of their industrial automation infrastructure, to function effectively. The oil and gas (O&G) organizations' industrial automation infrastructure landscape is complex. To perform focused and effective studies, industrial systems infrastructure is divided into functional levels by The Instrumentation, Systems and Automation Society (ISA) Standard ANSI/ISA-95:2005. This research focuses on the ISA-95:2005 level-4 IT infrastructure to address the network anomaly detection problem for ensuring the security and reliability of Oil and Gas resource planning, process planning and operations management. Anomaly detectors try to recognize patterns of anomalous behaviors from network traffic and their performance is heavily dependent on extraction time and quality of network traffic features or representations used to train the detector. Creating efficient representations from large volumes of network traffic to develop anomaly detection models is a time and resource intensive task. In this study we propose, implement and evaluate use of Deep learning to learn effective Network data representations from raw network traffic to develop data driven anomaly detection systems. The proposed methodology provides an automated and cost effective replacement of feature extraction which is otherwise a time and resource intensive task for developing data driven anomaly detectors. The ISCX-2012 dataset is used to represent ISA-95 level-4 network traffic because the O&G network traffic at this level is not much different than normal internet traffic. We trained four representation learning models using popular deep neural network architectures to extract deep representations from ISCX 2012 traffic flows.
A total of sixty anomaly detectors were trained by authors using twelve conventional Machine Learning algorithms to compare the performance of aforementioned deep representations with that of a human-engineered handcrafted network data representation. The comparisons were performed using well known model evaluation parameters. Results showed that deep representations are a promising feature in engineering replacement to develop anomaly detection models for IT infrastructure security. In our future research, we intend to investigate the effectiveness of deep representations, extracted using ISA-95:2005 Level 2-3 traffic comprising of SCADA systems, for anomaly detection in critical O&G systems.
9

López-Vizcaíno, Manuel, Carlos Dafonte, Francisco Nóvoa, Daniel Garabato, and M. Álvarez. "Network Data Unsupervised Clustering to Anomaly Detection." Proceedings 2, no. 18 (2018): 1173. http://dx.doi.org/10.3390/proceedings2181173.

Abstract:
These days, organizations rely on the availability and security of their communication networks to perform daily operations. As a result, network data must be analyzed in order to provide an adequate level of security and to detect anomalies or malfunctions in the systems. Due to the increase of devices connected to these networks, the complexity of analyzing data related to their communications also grows. We propose a method, based on Self-Organized Maps, which combine numerical and categorical features, to ease communication network data analysis. Also, we have explored the possibility of using different sources of data.
10

Prabhakar, T. S., and M. N. Veena. "Review on Anomaly Detection in Mobile Networks Using Traditional Learning, Machine Learning and Deep Learning." Journal of Computational and Theoretical Nanoscience 17, no. 11 (2020): 4789–96. http://dx.doi.org/10.1166/jctn.2020.9054.

Abstract:
Increasing usage of smartphones involves the development of large amounts of data, and high-speed internet is used to transfer this large amount of data. This in turn gives rise to the development of various attacks to hack the data. Anomaly detection in the network analyzes the pattern in the network activity and finds the abnormality in the network. The accurate detection of abnormality in the network helps to prevent attackers from stealing the data. Much research has been conducted to improve the performance of anomaly detection in mobile networks. The results of traditional methods for anomaly detection are not very effective. Machine learning techniques are used for anomaly detection to increase the performance. Deep learning techniques are applied to increase the detection rate and decrease false positives. Both techniques, machine learning using k-means and deep learning using the Artificial Neural Network method, provide considerable performance in anomaly detection.

Dissertations / Theses on the topic "Network anomaly"

1

Lieskovan, Tomáš. "Detekce anomálií síťového provozu." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2017. http://www.nusl.cz/ntk/nusl-317122.

Abstract:
This semester project presents an analysis of network traffic and detection of anomalies in network traffic by several various means. In the first part of the paper there is an explanation of the methods aiming at denial of service. Then in the second part an implementation of protection by means of selected solutions is presented. The intent is to compare these means which are supposed to detect cyber attacks aiming at denial of service. Another intent is to choose the best solutions from the categories of open-source and commercial solutions. The target of the master thesis was to work out a comparison between actual solutions for detection of DoS and DDoS attacks.
2

Kabore, Raogo. "Hybrid deep neural network anomaly detection system for SCADA networks." Thesis, Ecole nationale supérieure Mines-Télécom Atlantique Bretagne Pays de la Loire, 2020. http://www.theses.fr/2020IMTA0190.

Abstract:
SCADA systems are increasingly targeted by cyberattacks because of numerous vulnerabilities in hardware, software, protocols and the communication stack. Today these systems use standard hardware, software, operating systems and protocols. In addition, SCADA systems that were previously isolated are now interconnected with corporate networks and the Internet, thereby enlarging the attack surface. In this thesis, we use a deep learning approach to propose an efficient hybrid deep neural network for anomaly detection in SCADA systems. The main features of the SCADA data are learned automatically and without supervision, then passed to a supervised classifier to determine whether the data are normal or abnormal, that is, whether there is a cyber-attack or not. Subsequently, in response to the challenge posed by the long training time of deep learning models, we proposed a distributed approach to our anomaly detection system in order to reduce the training time of our model.

SCADA systems are more and more targeted by cyber-attacks because of many vulnerabilities in hardware, software, protocols and the communication stack. Those systems nowadays use standard hardware, software, operating systems and protocols. Furthermore, SCADA systems which used to be air-gapped are now interconnected to corporate networks and to the Internet, widening the attack surface. In this thesis, we are using a deep learning approach to propose an efficient hybrid deep neural network for anomaly detection in SCADA systems. The salient features of SCADA data are automatically learnt in an unsupervised manner, and then fed to a supervised classifier in order to determine if those data are normal or abnormal, i.e. if there is a cyber-attack or not.
Afterwards, as a response to the challenge caused by high training time of deep learning models, we proposed a distributed approach of our anomaly detection system in order to lessen the training time of our model.
3

Mantere, M. (Matti). "Network security monitoring and anomaly detection in industrial control system networks." Doctoral thesis, Oulun yliopisto, 2015. http://urn.fi/urn:isbn:9789526208152.

Abstract:
Industrial control system (ICS) networks used to be isolated environments, typically separated by physical air gaps from the wider area networks. This situation has been changing and the change has brought with it new cybersecurity issues. The process has also exacerbated existing problems that were previously less exposed due to the systems’ relative isolation. This process of increasing connectivity between devices, systems and persons can be seen as part of a paradigm shift called the Internet of Things (IoT). This change is progressing and the industry actors need to take it into account when working to improve the cybersecurity of ICS environments and thus their reliability. Ensuring that proper security processes and mechanisms are being implemented and enforced on the ICS network level is an important part of the general security posture of any given industrial actor. Network security and the detection of intrusions and anomalies in the context of ICS networks are the main high-level research foci of this thesis. These issues are investigated through work on machine learning (ML) based anomaly detection (AD). Potentially suitable features, approaches and algorithms for implementing a network anomaly detection system for use in ICS environments are investigated. After investigating the challenges, different approaches and methods, a proof-of-concept (PoC) was implemented. The PoC implementation is built on top of the Bro network security monitoring framework (Bro) for testing the selected approach and tools. In the PoC, a Self-Organizing Map (SOM) algorithm is implemented using Bro scripting language to demonstrate the feasibility of using Bro as a base system. The implemented approach also represents a minimal case of event-driven machine learning anomaly detection (EMLAD) concept conceived during the research.
The contributions of this thesis are as follows: a set of potential features for use in machine learning anomaly detection, proof of the feasibility of the machine learning approach in ICS network setting, a concept for event-driven machine learning anomaly detection, a design and initial implementation of user configurable and extendable machine learning anomaly detection framework for ICS networks.

Developed societies use diverse automation systems in their industrial plants and in operating their infrastructures. The state of information and cyber security of these automation systems varies greatly. Plants and the systems they use may represent technology from several different eras and contain weaknesses and vulnerabilities from several different eras. The systems were previously relatively isolated from data networks other than their own communication buses. This weakening of the isolation of automation systems has created a new set of threats by exposing their communication interfaces to the surrounding world. These network environments are nevertheless still comparatively isolated, and this property can be exploited in monitoring them. This work presents research results on monitoring the security of these networks, in particular through anomaly detection using machine learning methods. After initial research into the challenges and special characteristics, the work uses the Self-Organizing Map (SOM) algorithm in implementing an example solution to illustrate a new concept. This new concept is Event-Driven Machine Learning Anomaly Detection (EMLAD).
The contributions of the work are as follows, all in the context of industrial automation networks: a proposal for one set of features to be used in anomaly detection, establishing the usability of machine learning anomaly detection, and an extensible and flexible example implementation of the new EMLAD concept implemented in the programming language of the Bro NSM tool.
4

Mazel, Johan. "Unsupervised network anomaly detection." Thesis, Toulouse, INSA, 2011. http://www.theses.fr/2011ISAT0024/document.

Abstract:
Anomaly detection is a critical task in network administration. The continuous appearance of new anomalies and the changing nature of network traffic complicate anomaly detection. Existing anomaly detection methods rely on prior knowledge of the traffic: either via signatures created from known anomalies, or via a normality profile. Both approaches are limited: the first cannot detect new anomalies and the second requires constant updating of its normality profile. These two aspects significantly limit the effectiveness of existing detection methods. We present an unsupervised approach that detects and characterizes network anomalies autonomously. Our approach uses clustering techniques to identify anomalous flows. We also propose several techniques for processing the extracted anomalies to ease the operators' task. We evaluate the performance of our system on real traffic traces from the MAWI trace repository. The results obtained demonstrate the feasibility of anomaly detection systems that are autonomous and operate without prior knowledge.

Anomaly detection has become a vital component of any network in today’s Internet. Ranging from non-malicious unexpected events such as flash-crowds and failures, to network attacks such as denials-of-service and network scans, network traffic anomalies can have serious detrimental effects on the performance and integrity of the network. The continuous arising of new anomalies and attacks creates a continuous challenge to cope with events that put the network integrity at risk. Moreover, the inner polymorphic nature of traffic caused, among other things, by a highly changing protocol landscape, complicates anomaly detection system's task.
In fact, most network anomaly detection systems proposed so far employ knowledge-dependent techniques, using either misuse detection signature-based detection methods or anomaly detection relying on supervised-learning techniques. However, both approaches present major limitations: the former fails to detect and characterize unknown anomalies (letting the network unprotected for long periods) and the latter requires training over labeled normal traffic, which is a difficult and expensive stage that needs to be updated on a regular basis to follow network traffic evolution. Such limitations impose a serious bottleneck to the previously presented problem. We introduce an unsupervised approach to detect and characterize network anomalies, without relying on signatures, statistical training, or labeled traffic, which represents a significant step towards the autonomy of networks. Unsupervised detection is accomplished by means of robust data-clustering techniques, combining Sub-Space clustering with Evidence Accumulation or Inter-Clustering Results Association, to blindly identify anomalies in traffic flows. Correlating the results of several unsupervised detections is also performed to improve detection robustness. The correlation results are further used along other anomaly characteristics to build an anomaly hierarchy in terms of dangerousness. Characterization is then achieved by building efficient filtering rules to describe a detected anomaly. The detection and characterization performances and sensitivities to parameters are evaluated over a substantial subset of the MAWI repository which contains real network traffic traces. Our work shows that unsupervised learning techniques allow anomaly detection systems to isolate anomalous traffic without any previous knowledge.
We think that this contribution constitutes a great step towards autonomous network anomaly detection. This PhD thesis has been funded through the ECODE project by the European Commission under the Framework Programme 7. The goal of this project is to develop, implement, and validate experimentally a cognitive routing system that meets the challenges experienced by the Internet in terms of manageability and security, availability and accountability, as well as routing system scalability and quality. The concerned use case inside the ECODE project is network anomaly
5

Brauckhoff, Daniela. "Network traffic anomaly detection and evaluation." Aachen Shaker, 2010. http://d-nb.info/1001177746/04.

6

Udd, Robert. "Anomaly Detection in SCADA Network Traffic." Thesis, Linköpings universitet, Programvara och system, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-122680.

Abstract:
Critical infrastructure provides us with the most important parts of modern society: electricity, water and transport. To increase efficiency and to meet new demands from the customer, remote monitoring and control of the systems is necessary. This opens new ways for an attacker to reach the Supervisory Control And Data Acquisition (SCADA) systems that control and monitor the physical processes involved. This also increases the need for security features specially designed for these settings. Anomaly-based detection is a technique suitable for the more deterministic SCADA systems. This thesis uses a combination of two techniques to detect anomalies. The first technique is an automatic whitelist that learns the behavior of the network flows. The second technique utilizes the differences in arrival times of the network packets. A prototype anomaly detector has been developed in Bro. To analyze the IEC 60870-5-104 protocol a new parser for Bro was also developed. The resulting anomaly detector was able to achieve a high detection rate for three of the four different types of attacks evaluated. The studied methods of detection are promising when used in a highly deterministic setting, such as a SCADA system.
7

McGlohon, Mary. "Structural Analysis of Large Networks: Observations and Applications." Research Showcase @ CMU, 2010. http://repository.cmu.edu/dissertations/18.

Abstract:
Network data (also referred to as relational data, social network data, real graph data) has become ubiquitous, and understanding patterns in this data has become an important research problem. We investigate how interactions in social networks are formed and how these interactions facilitate diffusion, model these behaviors, and apply these findings to real-world problems. We examined graphs of size up to 16 million nodes, across many domains from academic citation networks, to campaign contributions and actor-movie networks. We also performed several case studies in online social networks such as blogs and message board communities. Our major contributions are the following: (a) We discover several surprising patterns in network topology and interactions, such as Popularity Decay power law (in-links to a blog post decay with a power law with -1.5 exponent) and the oscillating size of connected components; (b) We propose generators such as the Butterfly generator that reproduce both established and new properties found in real networks; (c) several case studies, including a proposed method of detecting misstatements in accounting data, where using network effects gave a significant boost in detection accuracy.
8

Turcotte, Melissa. "Anomaly detection in dynamic networks." Thesis, Imperial College London, 2013. http://hdl.handle.net/10044/1/24673.

Abstract:
Anomaly detection in dynamic communication networks has many important security applications. These networks can be extremely large and so detecting any changes in their structure can be computationally challenging; hence, computationally fast, parallelisable methods for monitoring the network are paramount. For this reason the methods presented here use independent node and edge based models to detect locally anomalous substructures within communication networks. As a first stage, the aim is to detect changes in the data streams arising from node or edge communications. Throughout the thesis simple, conjugate Bayesian models for counting processes are used to model these data streams. A second stage of analysis can then be performed on a much reduced subset of the network comprising nodes and edges which have been identified as potentially anomalous in the first stage. The first method assumes communications in a network arise from an inhomogeneous Poisson process with piecewise constant intensity. Anomaly detection is then treated as a changepoint problem on the intensities. The changepoint model is extended to incorporate seasonal behaviour inherent in communication networks. This seasonal behaviour is also viewed as a changepoint problem acting on a piecewise constant Poisson process. In a static time frame, inference is made on this extended model via a Gibbs sampling strategy. In a sequential time frame, where the data arrive as a stream, a novel, fast Sequential Monte Carlo (SMC) algorithm is introduced to sample from the sequence of posterior distributions of the changepoints over time. A second method is considered for monitoring communications in a large scale computer network. The usage patterns in these types of networks are very bursty in nature and don't fit a Poisson process model. 
For tractable inference, discrete time models are considered, where the data are aggregated into discrete time periods and probability models are fitted to the communication counts. In a sequential analysis, anomalous behaviour is then identified from outlying behaviour with respect to the fitted predictive probability models. Seasonality is again incorporated into the model and is treated as a changepoint model on the transition probabilities of a discrete time Markov process. Second stage analytics are then developed which combine anomalous edges to identify anomalous substructures in the network.
9

Ioannidou, Polyxeni. "Anomaly Detection in Computer Networks." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-295762.

Abstract:
In this degree project, we study the anomaly detection problem in log files of computer networks. In particular, we try to find an efficient way to detect anomalies in our data, which consist of different logging messages from different systems in CERN’s network for the LHC-b experiment. The contributions of the thesis are double: 1) The thesis serves as a survey on how we can detect threats, and errors in systems that are logging a huge amount of messages in the databases of a computer network. 2) Scientists in the LHC-b experiment make use of the Elasticsearch, which is an open source search engine and logging platform with great reputation, providing log monitoring, as well as data stream processing. Moreover, the Elasticsearch provides a machine learning feature that automatically models the behavior of the data, learning trends, and periodicity to identify anomalies. Alternatively to the Elasticsearch machine learning feature, we build, test and evaluate some machine learning models that can be used for the same purpose from the scientists of the experiment. We further provide results that our models generalize well to unseen log messages in the database.

In this degree project we study the problem of detecting anomalies in log files from a computer network. Specifically, we try to find an efficient way to detect anomalies in the data, which consist of different logging messages from different systems in CERN's network for the LHC-b experiment. The twofold contribution of the thesis is: 1) The thesis can be regarded as a survey of how we can detect threats and errors in systems that log an enormous amount of messages in databases from a computer network. 2) Researchers in the LHC-b experiment use Elasticsearch, which is an open-source search engine and logging platform with a considerable reputation, providing log monitoring and automatic data handling.
In addition, Elasticsearch is equipped with a machine learning feature that automatically models behavior using data, trends and periodicity to identify anomalies. We build, test and evaluate a few machine learning models as an alternative to the Elasticsearch machine learning feature. The researchers in the experiment can use the machine learning models for the same purpose as the Elasticsearch machine learning feature. We also present results showing that our models generalize well to unseen log messages in the database.
10

Alkadi, Alaa. "Anomaly Detection in RFID Networks." UNF Digital Commons, 2017. https://digitalcommons.unf.edu/etd/768.

Abstract:
Available security standards for RFID networks (e.g. ISO/IEC 29167) are designed to secure individual tag-reader sessions and do not protect against active attacks that could also compromise the system as a whole (e.g. tag cloning or replay attacks). Proper traffic characterization models of the communication within an RFID network can lead to better understanding of operation under “normal” system state conditions and can consequently help identify security breaches not addressed by current standards. This study of RFID traffic characterization considers two piecewise-constant data smoothing techniques, namely Bayesian blocks and Knuth’s algorithms, over time-tagged events and compares them in the context of rate-based anomaly detection. This was accomplished using data from experimental RFID readings and comparing (1) the event counts versus time if using the smoothed curves versus empirical histograms of the raw data and (2) the threshold-dependent alert-rates based on inter-arrival times obtained if using the smoothed curves versus that of the raw data itself. Results indicate that both algorithms adequately model RFID traffic in which inter-event time statistics are stationary but that Bayesian blocks become superior for traffic in which such statistics experience abrupt changes.

Books on the topic "Network anomally"

1

Bhuyan, Monowar H., Dhruba K. Bhattacharyya, and Jugal K. Kalita. Network Traffic Anomaly Detection and Prevention. Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-65188-0.

2

Network anomaly detection: A machine learning perspective. CRC Press, Taylor & Francis Group, 2014.

3

Burbeck, Kalle. Adaptive real-time anomaly detection for safeguarding critical networks. Department of Computer and Information Science, Linköpings universitet, 2006.

4

Usman, Muhammad, Vallipuram Muthukkumarasamy, Xin-Wen Wu, and Surraya Khanum. Mobile Agent-Based Anomaly Detection and Verification System for Smart Home Sensor Networks. Springer Singapore, 2018. http://dx.doi.org/10.1007/978-981-10-7467-7.

5

Satellite anomalies: Benefits of a centralized anomaly database and methods for securely sharing information among satellite operators. RAND, 2014.

6

Biersack, Ernst. Data Traffic Monitoring and Analysis: From Measurement, Classification, and Anomaly Detection to Quality of Experience. Springer Berlin Heidelberg, 2013.

7

Kalita, Jugal K., Monowar H. Bhuyan, and Dhruba K. Bhattacharyya. Network Traffic Anomaly Detection and Prevention: Concepts, Techniques, and Tools. Springer, 2018.

8

Kalita, Jugal K., Monowar H. Bhuyan, and Dhruba K. Bhattacharyya. Network Traffic Anomaly Detection and Prevention: Concepts, Techniques, and Tools. Springer, 2017.

9

Manikopoulos, Constantine N. Intrusion Detection and Network Security: Statistical Anomaly Approaches (Signal Processing and Communications). CRC, 2008.

10

Tari, Zahir, Adil Fahad, Abdulmohsen Almalawi, and Xun Yi. Network Classification for Traffic Management: Anomaly Detection, Feature Selection, Clustering and Classification. Institution of Engineering & Technology, 2020.


Book chapters on the topic "Network anomally"

1

Hood, C. S., and C. Ji. "Automated Proactive Anomaly Detection." In Integrated Network Management V. Springer US, 1997. http://dx.doi.org/10.1007/978-0-387-35180-3_51.

2

Leppänen, Rony Franca, and Timo Hämäläinen. "Network Anomaly Detection in Wireless Sensor Networks: A Review." In Lecture Notes in Computer Science. Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-30859-9_17.

3

Darsh, P., and R. Rahul. "Performance Analysis of Network Anomaly Detection Systems in Consumer Networks." In Lecture Notes in Networks and Systems. Springer Singapore, 2020. http://dx.doi.org/10.1007/978-981-15-4218-3_21.

4

Ravinder Reddy, R., K. Ayyappa Reddy, C. Madan Kumar, and Y. Ramadevi. "Detection of Network Anomaly Sequences Using Deep Recurrent Neural Networks." In Smart Computing Techniques and Applications. Springer Singapore, 2021. http://dx.doi.org/10.1007/978-981-16-1502-3_60.

5

Reddy, Suresh, and Sukumar Nandi. "Enhanced Network Traffic Anomaly Detector." In Distributed Computing and Internet Technology. Springer Berlin Heidelberg, 2005. http://dx.doi.org/10.1007/11604655_45.

6

Farraposo, Sílvia, Philippe Owezarski, and Edmundo Monteiro. "NADA – Network Anomaly Detection Algorithm." In Managing Virtualization of Networks and Services. Springer Berlin Heidelberg, 2007. http://dx.doi.org/10.1007/978-3-540-75694-1_18.

7

Alla, Sridhar, and Suman Kalyan Adari. "Temporal Convolutional Networks." In Beginning Anomaly Detection Using Python-Based Deep Learning. Apress, 2019. http://dx.doi.org/10.1007/978-1-4842-5177-5_7.

8

Cheng, En, Hai Jin, Zongfen Han, and Jianhua Sun. "Network-Based Anomaly Detection Using an Elman Network." In Networking and Mobile Computing. Springer Berlin Heidelberg, 2005. http://dx.doi.org/10.1007/11534310_51.

9

Lin, Xin-Xue, En-Hau Yeh, and Phone Lin. "Anomaly Detection for IoT Systems." In Encyclopedia of Wireless Networks. Springer International Publishing, 2020. http://dx.doi.org/10.1007/978-3-319-78262-1_183.

10

Lin, Xin-Xue, En-Hau Yeh, and Phone Lin. "Anomaly Detection for IoT Systems." In Encyclopedia of Wireless Networks. Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-319-32903-1_183-1.


Conference papers on the topic "Network anomally"

1

Li, Jundong, Harsh Dani, Xia Hu, and Huan Liu. "Radar: Residual Analysis for Anomaly Detection in Attributed Networks." In Twenty-Sixth International Joint Conference on Artificial Intelligence. International Joint Conferences on Artificial Intelligence Organization, 2017. http://dx.doi.org/10.24963/ijcai.2017/299.

Abstract:
Attributed networks are pervasive in different domains, ranging from social networks, gene regulatory networks to financial transaction networks. This kind of rich network representation presents challenges for anomaly detection due to the heterogeneity of two data representations. A vast majority of existing algorithms assume certain properties of anomalies are given a prior. Since various types of anomalies in real-world attributed networks co-exist, the assumption that priori knowledge regarding anomalies is available does not hold. In this paper, we investigate the problem of anomaly detection in attributed networks generally from a residual analysis perspective, which has been shown to be effective in traditional anomaly detection problems. However, it is a non-trivial task in attributed networks as interactions among instances complicate the residual modeling process. Methodologically, we propose a learning framework to characterize the residuals of attribute information and its coherence with network information for anomaly detection. By learning and analyzing the residuals, we detect anomalies whose behaviors are singularly different from the majority. Experiments on real datasets show the effectiveness and generality of the proposed framework.
2

Shekhar, Prashant, and Rahul Rai. "Anomaly Detection in Complex Spatiotemporal Networks Through Location Aware Geospatial Big Data Sets." In ASME 2016 International Design Engineering Technical Conferences and Computers and Information in Engineering Conference. American Society of Mechanical Engineers, 2016. http://dx.doi.org/10.1115/detc2016-59587.

Abstract:
Anomaly detection is an important problem that has been researched in several domains. Based on the available data patterns, various supervised and unsupervised anomaly detection techniques have been introduced. In this paper, a novel anomaly detection technique for location aware geospatial big dataset is outlined. Specifically, we focus on anomaly detection in spatiotemporal complex networks. The outlined technique incorporates components of anomaly quantification and decision making on spatiotemporal graphs and embeds simultaneous learning and detection procedures. The magnitude of an anomaly at each time step is quantified to signify the pattern of anomalous behavior in the spatiotemporal network. We illustrate the efficacy of the proposed method by detecting and indicating the time and location of a single or multiple anomalies in an illustrative traffic network problem. Theoretical experiments on a suite of six randomly generated traffic network problems have been performed. The performance of the proposed algorithm with tuned parameters on this random set of problem instances clearly establishes the effectiveness and applicability of the introduced solution procedure.
3

Peng, Zhen, Minnan Luo, Jundong Li, Huan Liu, and Qinghua Zheng. "ANOMALOUS: A Joint Modeling Approach for Anomaly Detection on Attributed Networks." In Twenty-Seventh International Joint Conference on Artificial Intelligence (IJCAI-18). International Joint Conferences on Artificial Intelligence Organization, 2018. http://dx.doi.org/10.24963/ijcai.2018/488.

Abstract:
The key point of anomaly detection on attributed networks lies in the seamless integration of network structure information and attribute information. A vast majority of existing works are mainly based on the Homophily assumption that implies the nodal attribute similarity of connected nodes. Nonetheless, this assumption is untenable in practice as the existence of noisy and structurally irrelevant attributes may adversely affect the anomaly detection performance. Despite the fact that recent attempts perform subspace selection to address this issue, these algorithms treat subspace selection and anomaly detection as two separate steps which often leads to suboptimal solutions. In this paper, we investigate how to fuse attribute and network structure information more synergistically to avoid the adverse effects brought by noisy and structurally irrelevant attributes. Methodologically, we propose a novel joint framework to conduct attribute selection and anomaly detection as a whole based on CUR decomposition and residual analysis. By filtering out noisy and irrelevant node attributes, we perform anomaly detection with the remaining representative attributes. Experimental results on both synthetic and real-world datasets corroborate the effectiveness of the proposed framework.
4

Liu, Ninghao, Xiao Huang, and Xia Hu. "Accelerated Local Anomaly Detection via Resolving Attributed Networks." In Twenty-Sixth International Joint Conference on Artificial Intelligence. International Joint Conferences on Artificial Intelligence Organization, 2017. http://dx.doi.org/10.24963/ijcai.2017/325.

Abstract:
Attributed networks, in which network connectivity and node attributes are available, have been increasingly used to model real-world information systems, such as social media and e-commerce platforms. While outlier detection has been extensively studied to identify anomalies that deviate from certain chosen background, existing algorithms cannot be directly applied on attributed networks due to the heterogeneous types of information and the scale of real-world data. Meanwhile, it has been observed that local anomalies, which may align with global condition, are hard to be detected by existing algorithms with interpretability. Motivated by the observations, in this paper, we propose to study the problem of effective and efficient local anomaly detection in attributed networks. In particular, we design a collective way for modeling heterogeneous network and attribute information, and develop a novel and efficient distributed optimization algorithm to handle large-scale data. In the experiments, we compare the proposed framework with the state-of-the-art methods on both real and synthetic datasets, and demonstrate its effectiveness and efficiency through quantitative evaluation and case studies.
5

Si, Wen, Jianghai Li, Ronghong Qu, and Xiaojin Huang. "Anomaly Detection for Network Traffic of I&C Systems Based on Neural Network." In 2020 International Conference on Nuclear Engineering collocated with the ASME 2020 Power Conference. American Society of Mechanical Engineers, 2020. http://dx.doi.org/10.1115/icone2020-16900.

Abstract:
Anomaly detection is significant for the cybersecurity of the I&C systems at nuclear power plants. There are a large number of network packets generated in the network traffic of the I&C systems. There are many attributes of the network traffic that can be used for anomaly detection. The structure of the network packets is analyzed in detail with examples. Then, features are extracted from network packets. An unsupervised neural network called autoencoder is applied for anomaly detection. Training and testing databases are captured from a physical PLC system which simulates a water level control system. The result of the test results shows that the neural network can detect anomaly successfully.
6

Globa, L., Y. Demidova, and M. Ternovoy. "Network Anomaly Detection using Neural Networks." In 2006 16th International Crimean Microwave and Telecommunication Technology. IEEE, 2006. http://dx.doi.org/10.1109/crmico.2006.256445.

7

Andropov, Sergey, Alexei Guirik, Mikhail Budko, and Marina Budko. "Network anomaly detection using artificial neural networks." In 2017 20th Conference of Open Innovations Association (FRUCT). IEEE, 2017. http://dx.doi.org/10.23919/fruct.2017.8071288.

8

Salimi Naneh Karan, Farshad, and Subhadeep Chakraborty. "Detecting Behavioral Anomaly in Social Networks Using Symbolic Dynamic Filtering." In ASME 2015 Dynamic Systems and Control Conference. American Society of Mechanical Engineers, 2015. http://dx.doi.org/10.1115/dscc2015-9643.

Abstract:
This paper investigates the use of Symbolic Dynamic Filtering (SDF) algorithms in detecting anomalous behavior trends in social networks. Data is generated from an agent-based discrete choice model, which relies on a Markov Decision Process framework for stochastic simulation of decision-making in a social setting, where choices and decisions by individuals are influenced by social interactions. We show that such collective imitative behavior leads to rapid unstable fluctuations in the society, the fluctuation statistics being a weak function of the number of extremist nodes present in the network as well as the prevailing political climate. In this paper, using a time-trace of global opinions in the said society, we investigate the effectiveness of SDF in estimating the number of extremist nodes in a network, and studying the role of unpopular government policies as an enabler of political instability. Spread of influence and ‘recruiting’ by extremist groups through social networks has become an important political issue in recent years. This study is a step in the direction of building tools to preempt and intervene such efforts.
9

Prado D'Andrada, Luís Felipe, Paulo Freitas de Araujo-Filho, and Divanilson Rodrigo Campelo. "A Real-time Anomaly-based Intrusion Detection System for Automotive Controller Area Networks." In Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos. Sociedade Brasileira de Computação, 2020. http://dx.doi.org/10.5753/sbrc.2020.12316.

Abstract:
The Controller Area Network (CAN) is the most pervasive in-vehicle network technology in cars. However, since CAN was designed with no security concerns, solutions to mitigate cyber attacks on CAN networks have been proposed. Prior works have shown that detecting anomalies in the CAN network traffic is a promising solution for increasing vehicle security. One of the main challenges in preventing a malicious CAN frame transmission is to be able to detect the anomaly before the end of the frame. This paper presents a real-time anomaly-based Intrusion Detection System (IDS) capable of meeting this deadline by using the Isolation Forest detection algorithm implemented in a hardware description language. A true positive rate higher than 99% is achieved in test scenarios. The system requires less than 1μs to evaluate a frame’s payload, thus being able to detect the anomaly before the end of the frame.
10

Kim, Si-Jung, Bong-Han Kim, Sang-Soo Yeo, and Do-Eun Cho. "Network Anomaly Detection for M-Connected SCADA Networks." In 2013 Eighth International Conference on Broadband and Wireless Computing, Communication and Applications (BWCCA). IEEE, 2013. http://dx.doi.org/10.1109/bwcca.2013.61.


Reports on the topic "Network anomally"

1

Turcotte, Melissa. Anomaly Detection in Dynamic Networks. Office of Scientific and Technical Information (OSTI), 2014. http://dx.doi.org/10.2172/1160097.

2

Coleman, Todd P. Low-Complexity Methods for Provably Good Information Transmission and Network Anomaly Detection via Packet Timings In Networks. Defense Technical Information Center, 2011. http://dx.doi.org/10.21236/ada549164.

3

Corley, Michael J. Anomaly Detection in Disparate Computer Networks. Defense Technical Information Center, 2005. http://dx.doi.org/10.21236/ada443328.

4

Subrahmanian, V. S. ADEN: Anomaly Detection Engine for Networks. Defense Technical Information Center, 2013. http://dx.doi.org/10.21236/ada598209.

5

Zhang, Pengchu C., and Nancy Ann Durgin. Profile-based adaptive anomaly detection for network security. Office of Scientific and Technical Information (OSTI), 2005. http://dx.doi.org/10.2172/875979.

6

Barford, Paul. Coordinated Anomaly Detection and Characterization in Wide Area Network Flows. Defense Technical Information Center, 2005. http://dx.doi.org/10.21236/ada440956.

7

Xie, Bin. AnomLoc: A perfSONAR-based Distributed Network Anomaly Detection and Localization. Office of Scientific and Technical Information (OSTI), 2017. http://dx.doi.org/10.2172/1464216.

8

Willett, Rebecca. Density Estimation and Anomaly Detection in Large Social Networks. Defense Technical Information Center, 2014. http://dx.doi.org/10.21236/ada610336.

9

Hunt, Brian R., Edward Ott, and James A. Yorke. Chaotic Models and Anomaly Detection for Complex Data Networks. Defense Technical Information Center, 2012. http://dx.doi.org/10.21236/ada563464.

10

Chen, Yan. HPNAIDM: The High-Performance Network Anomaly/Intrusion Detection and Mitigation System. Office of Scientific and Technical Information (OSTI), 2013. http://dx.doi.org/10.2172/1108982.
