基于鲁棒PCA的网络流量无监督异常检测

2007 International Multi-Conference on Computing in the Global Information Technology (ICCGI'07) Pub Date : 2007-03-04 DOI:10.1109/ICCGI.2007.62

R. Kwitt, U. Hofmann

{"title":"基于鲁棒PCA的网络流量无监督异常检测","authors":"R. Kwitt, U. Hofmann","doi":"10.1109/ICCGI.2007.62","DOIUrl":null,"url":null,"abstract":"This paper points out the need for unsupervised anomaly detection in the context of instrusion detection systems. Our work is based on an approach which employs principal component analysis (PCA) in order to detect anomalies in measurements of certain network traffic parameters. We discuss the problem of contaminated training data and propose to use PCA on the basis of robust estimators to overcome the necessity of a supervised preprocessing step.","PeriodicalId":102568,"journal":{"name":"2007 International Multi-Conference on Computing in the Global Information Technology (ICCGI'07)","volume":"245 1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-03-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"34","resultStr":"{\"title\":\"Unsupervised Anomaly Detection in Network Traffic by Means of Robust PCA\",\"authors\":\"R. Kwitt, U. Hofmann\",\"doi\":\"10.1109/ICCGI.2007.62\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper points out the need for unsupervised anomaly detection in the context of instrusion detection systems. Our work is based on an approach which employs principal component analysis (PCA) in order to detect anomalies in measurements of certain network traffic parameters. We discuss the problem of contaminated training data and propose to use PCA on the basis of robust estimators to overcome the necessity of a supervised preprocessing step.\",\"PeriodicalId\":102568,\"journal\":{\"name\":\"2007 International Multi-Conference on Computing in the Global Information Technology (ICCGI'07)\",\"volume\":\"245 1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-03-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"34\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2007 International Multi-Conference on Computing in the Global Information Technology (ICCGI'07)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCGI.2007.62\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 International Multi-Conference on Computing in the Global Information Technology (ICCGI'07)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCGI.2007.62","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 34

摘要

本文指出了在入侵检测系统中进行无监督异常检测的必要性。我们的工作是基于一种方法，采用主成分分析(PCA)，以检测某些网络流量参数的测量异常。我们讨论了受污染的训练数据的问题，并提出使用基于鲁棒估计的PCA来克服监督预处理步骤的必要性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Unsupervised Anomaly Detection in Network Traffic by Means of Robust PCA

This paper points out the need for unsupervised anomaly detection in the context of instrusion detection systems. Our work is based on an approach which employs principal component analysis (PCA) in order to detect anomalies in measurements of certain network traffic parameters. We discuss the problem of contaminated training data and propose to use PCA on the basis of robust estimators to overcome the necessity of a supervised preprocessing step.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2007 International Multi-Conference on Computing in the Global Information Technology (ICCGI'07)

自引率

0.00%

发文量