IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations
navleft navright Research IRM Open Access IRMA Journals IRM Books Proceedings Membership

The IRMA Community

Calls for Papers
Online Symposium
Newsletters

Research IRM

Click a keyword to search titles using our InfoSci-OnDemand powered search:

A Hybrid Technique Using PCA and Wavelets in Network Traffic Anomaly Detection

A Hybrid Technique Using PCA and Wavelets in Network Traffic Anomaly Detection
View Sample PDF
Author(s): Stevan Novakov (Carleton University, Canada), Chung-Horng Lung (Carleton University, Canada), Ioannis Lambadaris (Carleton University, Canada)and Nabil Seddigh (Solana Networks, Canada)
 Copyright: 2015
 Pages: 29
 Source title: Research Methods: Concepts, Methodologies, Tools, and Applications
Source Author(s)/Editor(s): Information Resources Management Association (USA)
 DOI: 10.4018/978-1-4666-7456-1.ch034

Purchase

View A Hybrid Technique Using PCA and Wavelets in Network Traffic Anomaly Detection on the publisher's website for pricing and purchasing information.

Abstract

Research into network anomaly detection has become crucial as a result of a significant increase in the number of computer attacks. Many approaches in network anomaly detection have been reported in the literature, but data or solutions typically are not freely available. Recently, a labeled network traffic flow dataset, Kyoto2006+, has been created and is publicly available. Most existing approaches using Kyoto2006+ for network anomaly detection apply various clustering techniques. This paper leverages existing well known statistical analysis and spectral analysis techniques for network anomaly detection. The first popular approach is a statistical analysis technique called Principal Component Analysis (PCA). PCA describes data in a new dimension to unlock otherwise hidden characteristics. The other well known spectral analysis technique is Haar Wavelet filtering analysis. It measures the amount and magnitude of abrupt changes in data. Both approaches have strengths and limitations. In response, this paper proposes a Hybrid PCA–Haar Wavelet Analysis. The hybrid approach first applies PCA to describe the data and then Haar Wavelet filtering for analysis. Based on prototyping and measurement, an investigation of the Hybrid PCA–Haar Wavelet Analysis technique is performed using the Kyoto2006+ dataset. The authors consider a number of parameters and present experimental results to demonstrate the effectiveness of the hybrid approach as compared to the two algorithms individually.

Related Content

Tutita M. Casa, Fabiana Cardetti, Madelyn W. Colonnese. © 2024. 14 pages.
R. Alex Smith, Madeline Day Price, Tessa L. Arsenault, Sarah R. Powell, Erin Smith, Michael Hebert. © 2024. 19 pages.
Marta T. Magiera, Mohammad Al-younes. © 2024. 27 pages.
Christopher Dennis Nazelli, S. Asli Özgün-Koca, Deborah Zopf. © 2024. 31 pages.
Ethan P. Smith. © 2024. 22 pages.
James P. Bywater, Sarah Lilly, Jennifer L. Chiu. © 2024. 20 pages.
Ian Jones, Jodie Hunter. © 2024. 20 pages.
IRMA Offers Over 2,500 Full Text Open Access Research Papers for Free Download Click to Start Searching Free IRM Research!

IRMA Sponsors

Sponsor IGI Global

Sponsor eContentPro

Encyclopedia of Information Science and Technology, Fourth Edition
Body Bottom
About Us | Contact | Sitemap | Legal | Policies
Copyright ©2024, Information Resources Management Association. 701 East Chocolate Avenue, Hershey, PA 17033.