A PCA-based method for IoT network traffic anomaly detection

2018 20th International Conference on Advanced Communication Technology (ICACT) Pub Date : 2018-02-01 DOI:10.23919/ICACT.2018.8323765

Dang-Hai Hoang, H. Nguyen

{"title":"A PCA-based method for IoT network traffic anomaly detection","authors":"Dang-Hai Hoang, H. Nguyen","doi":"10.23919/ICACT.2018.8323765","DOIUrl":null,"url":null,"abstract":"Network operators need effective tools to quickly detect anomalies in traffic data for identifying network attacks. In contrast to traditional Internet, anomaly detection in IoT (Internet of Things) networks is becoming a challenge task due to limited network resources and performance. Comprehensive detection methods are no longer effective for IoT networks, calling for developing lightweight solutions. Methods using Principal Component Analysis (PCA) is an attractive approach due to complexity reduction. Anomaly detection techniques based on PCA received a lot of attention in the past. However, there are remaining issues by applying PCA such as the choice of principal components for complexity reduction. This paper investigates PCA techniques used in previous typical research works and proposes a new general formula for distance calculation and a new detection method based on PCA for IoT networks. The paper investigates formula parameters using several experiments. Results indicated that our new method is suitable for quick detection of network traffic anomalies with lower complexity.","PeriodicalId":228625,"journal":{"name":"2018 20th International Conference on Advanced Communication Technology (ICACT)","volume":"10 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"57","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 20th International Conference on Advanced Communication Technology (ICACT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/ICACT.2018.8323765","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 57

Abstract

Network operators need effective tools to quickly detect anomalies in traffic data for identifying network attacks. In contrast to traditional Internet, anomaly detection in IoT (Internet of Things) networks is becoming a challenge task due to limited network resources and performance. Comprehensive detection methods are no longer effective for IoT networks, calling for developing lightweight solutions. Methods using Principal Component Analysis (PCA) is an attractive approach due to complexity reduction. Anomaly detection techniques based on PCA received a lot of attention in the past. However, there are remaining issues by applying PCA such as the choice of principal components for complexity reduction. This paper investigates PCA techniques used in previous typical research works and proposes a new general formula for distance calculation and a new detection method based on PCA for IoT networks. The paper investigates formula parameters using several experiments. Results indicated that our new method is suitable for quick detection of network traffic anomalies with lower complexity.

查看原文本刊更多论文

基于pca的物联网网络流量异常检测方法

网络运营商需要有效的工具来快速检测流量数据中的异常情况，从而识别网络攻击。与传统互联网相比，由于网络资源和性能的限制，物联网(IoT)网络中的异常检测正成为一项具有挑战性的任务。综合检测方法对物联网网络不再有效，需要开发轻量级解决方案。使用主成分分析(PCA)方法是一种有吸引力的方法，因为它降低了复杂性。基于PCA的异常检测技术在过去受到了广泛的关注。然而，应用主成分分析仍然存在一些问题，如降低复杂性的主成分选择。本文对以往典型研究工作中使用的主成分分析技术进行了研究，提出了一种新的物联网网络距离计算通用公式和一种新的基于主成分分析的检测方法。本文通过多次试验对配方参数进行了研究。结果表明，该方法适用于较低复杂度的网络流量异常快速检测。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2018 20th International Conference on Advanced Communication Technology (ICACT)

自引率

0.00%

发文量