Journal
COMPUTER NETWORKS
Volume 205, Issue -, Pages -Publisher
ELSEVIER
DOI: 10.1016/j.comnet.2022.108760
Keywords
Anomaly detection; Network traffic analysis; Cluster analysis
Categories
Funding
- National Key Research and Develop-ment Program of China [2020YFB2009500]
Ask authors/readers for more resources
In this paper, we propose a progressive exploration framework for collective anomaly detection on network traffic based on a clustering method called CCAD. Extensive experiments have shown its high detection rate.
Due to the ever-growing presence of network traffic, there has been a considerable amount of research on anomaly detection in network traffic by clustering. Most of them have not considered the problem that collective anomaly detection in network traffic. Collective anomaly might scatter among multiple clusters when applying the clustering-based algorithms in the anomaly detection. In this paper, we propose a progressive exploration framework for collective anomaly detection on network traffic based on a clustering method, called CCAD. CCAD enables analysts to effectively explore collective anomaly in network traffic. This framework is different from the other anomaly detection methods. It is based on the analysis of the influence of collective anomaly on the clustering results in the network traffic stream data. CCAD framework efficiently supports the collective anomaly exploration. As demonstrated by our extensive experiments with real-world data, CCAD has high detection rate in comparison with other existing methods.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available
Share Paper
