FL-LPVG:AN APPROACH FOR ANOMALY DETECTION BASED ON FLOW-LEVEL LIMITED PENETRABLE VISIBILITY GRAPH
Network-based anomaly detection methods monitor network traffic to discover its potential anomaly behaviors.Due to the hysteresis and incompleteness of the signature establishment as well as the inaccuracy of statistics probability model,the effectiveness of traditional signature-based and statistics-based anomaly detection methods are directly restricted.Besides,the species and complexity of anomaly behaviors are varying so fast along with the outbreak of network traffic and the influence of high-speed access.It is difficult to detect and identify anomaly behaviors accurately based on several features of actual network traffic.Anomaly detection is facing the challenge of big data processing and dimensionality reduction of highdimensional data.In this paper,we propose an anomaly detection approach based on flow-level limited penetrable visibility graph (FL-LPVG),which constructs complex networks based on the network flow series.This method mines structural behavior patterns of the associated graph and detects anomaly traffic through data mining and entropy-based information theoretic techniques.Experiments on KDD Cup 99 dataset demonstrate that this method greatly simplify the process of anomaly detection,and effectively reduce dimensionality of high-dimensional data,and at the same time this method gets a good detection effect.
Limited Penetrable Visibility Graph Anomaly Detection Anomaly Classification Machine Learning
Y.B.Luo B.S.Wang Y.P.Sun B.F.Zhang X.M.Chen
College of computer, National University of Defense Technology, Changsha, China
国际会议
2013 International Conference on Information and Network Security(2013信息与网络安全国际会议)
北京
英文
149-155
2013-11-22(万方平台首次上网日期,不代表论文的发表时间)