Distribution-based anomaly detection via generalized likelihood ratio test: A general Maximum Entropy approach

Computer Networks

Volumn 57, Issue 17, 2013, Pages 3446-3462

  Coluccia, A ^a   D'Alconzo, A ^b   Ricciato, F ^a  

^a UNIVERSITY OF SALENTO   (Italy)

^b TELECOMMUNICATIONS RESEARCH CENTER VIENNA FTW   (Austria)

Author keywords

3G cellular networks; Anomaly detection; Generalized Likelihood Ratio Test (GLRT); Maximum Entropy (ME); Maximum Likelihood (ML); Network traffic

Indexed keywords

3G CELLULAR NETWORKS; ANOMALY DETECTION; EMPIRICAL DISTRIBUTIONS; GENERALIZED LIKELIHOOD RATIO TEST; GENERALIZED LIKELIHOOD-RATIO TESTS; MAXIMUM ENTROPY MODELS; MAXIMUM-ENTROPY APPROACHES; NETWORK TRAFFIC;

DETECTORS; NUMERICAL METHODS;

MAXIMUM ENTROPY METHODS;

EID: 84887047298     PISSN: 13891286     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.comnet.2013.07.028     Document Type: Article

References (50)

1. H. Yang, F. Ricciato, S. Lu, and L. Zhang Securing a wireless world IEEE Proceedings 94 2 2006
2. P. Traynor, P. McDaniel, T. La Porta. On attack causality in internet-connected cellular networks, in: USENIX Security'07, August 2007.
3. Ricciato A review of DoS attack models for 3G cellular networks from a system-design perspective Computer Communications 33 5 2010
4. M. Thottan, G. Liu, and C. Ji Anomaly detection approaches for communication network Algorithms for Next Generation Networks 2010 Springer London 239 261
5. A. Patcha, and J.M. Park An overview of anomaly detection techniques: existing solutions and latest technological trends Computer Networks 51 2007
6. P. Traynor, P. McDaniel, and T. La Porta Security for Telecommunications Networks 2008 Springer
7. R. Sekar et al., Specification-based anomaly detection: a new approach for detecting network intrusions, in: ACM CCS'02, November 2002.
8. Haining Wang, Danlu Zhang, Kang G. Shin, Detecting syn flooding attacks, in: INFOCOM 2002, vol. 3, 2002, pp. 23-27.
9. Lee et al., On the Detection of signaling DoS attacks on 3G wireless networks, in: IEEE INFOCOM'07, May 2007.
10. Lakhina, Structural analysis of network traffic flows, in: ACM SIGMETRICS, June 2004.
11. A. Coluccia, A. D'Alconzo, F. Ricciato, Distribution-based anomaly detection in network traffic, in: Data Traffic Monitoring and Analysis: From Measurement, Classification, and Anomaly Detection to Quality of Experience, Lecture Notes in Computer Science, vol. 7754, Springer, 2013, pp. 202-216.
12. F. Simmross-Wattenberg, J.I. Asensio-Pérez, P. Casaseca-de-la Higuera, M. Martín-Fernández, I.A. Dimitriadis, and C. Alberola-López Anomaly detection in network traffic based on statistical inference and α-stable modeling IEEE Transactions on Dependable and Secure Computing 8 4 2011
13. A. Lakhina, M. Crovella, C. Diot, Diagnosing network-wide traffic anomalies, in: ACM SIGCOMM, 2004.
14. A. Lakhina, M. Crovella, C. Diot, Mining anomalies using traffic feature, in: ACM SIGCOMM, 2005.
15. H. Ringberg, A. Soule, J. Rexford, C. Diot, Sensitivity of PCA for traffic anomaly detection, in: ACM SIGMETRICS, 2007.
16. X. Guan, T. Qin, W. Li, and P. Wang Dynamic feature analysis and measurement for large-scale network trafc monitoring IEEE Transactions on Information Forensics and Security 5 2010
17. A. Ziviani, A. Tadeu, A. Gomes, M. Monsores, and P. Rodrigues Network anomaly detection using nonextensive entropy IEEE Communications Letters 11 2007
18. Dasu et al., An information-theoretic approach to detecting changes in multi-dimensional data streams, in: INTERFACE'06, 2006.
19. A. D'Alconzo, A. Coluccia, F. Ricciato, P. Romirer-Meierhofer, A distribution-based approach to anomaly detection for 3G mobile networks, in: IEEE Globecom, 2009.
20. Y. Xiang, K. Li, and W. Zhou Low-rate ddos attacks detection and traceback by using new information metrics IEEE Transactions on Information Forensics and Security 6 2011
21. W. Lee, D. Xiang, Information theoretic measures for anomaly detection, in: Symposium on Security and Privacy, 2001.
22. M. Celenk, T. Conley, and J. Willis Predictive network anomaly detection and visualization IEEE Transactions on Information Forensics and Security 5 2010
23. Y. Gu, A. McCallum, D. Towsley, Detecting anomalies in network traffic using maximum entropy estimation, in: IMC, 2005.
24. Barford et al., A signal analysis of network traffic anomalies, in: ACM SIGCOMM'02, 2002.
25. P. Huang, A. Feldmann, W. Willinger, A non-intrusive, wavelet-based approach to detecting network performance problems, in: 1st ACM SIGCOMM Workshop on Internet Measurements, 2001.
26. C.-Y. Chen, K.-D. Chang, and H.-C. Chao Transaction-pattern-based anomaly detection algorithm for IP multimedia subsystem IEEE Transactions on Information Forensics and Security 6 2011
27. A. D'Alconzo, A. Coluccia, and P. Romirer-Meierhofer Distribution-based anomaly detection in 3G mobile networks: from theory to practice International Journal of Network Management 2010
28. Della Pietra Inducing features of random fields IEEE Transactions on Pattern Analysis and Machine Intelligence 19 4 1997
29. Berger, and Della Pietra Computational Linguistics 22 1996
30. G. Maier, A. Feldmann, V. Paxson, M. Allman, On dominant characteristics of residential broadband internet traffic, in: IEEE IMC, 2009.
31. Burgess Measuring system normality ACM Transactions on Computer Systems 20 2002
32. F. Ricciato, A. Coluccia, A. D'Alconzo, D. Veitch, P. Borgnat, P. Abry, On the role of flows and sessions in internet traffic modeling: an explorative toy-model, in: IEEE Globecom, 2009.
33. V. Kreinovich, S.F.L. Longpre, and L. Ginzburg Why is selecting the simplest hypothesis (consistent with data) a good idea? A simple explanation Bulletin of the European Association for Theoretical Computer Science (EATCS) 77 2002
34. W. Kirchherr, M. Li, and P. Vitanyi The miraculous universal distribution The Mathematical Intelligencer 19 1997
35. S. Guiasu, and A. Shenitzer The principle of maximum entropy The Mathematical Intelligencer 7 1985
36. E.T. Jaynes Information theory and statistical mechanics i/ii Physical Review 106/108 1957
37. E.T. Jaynes On the rationale of maximum-entropy methods Proceedings of the IEEE 70 1982
38. E.T. Jaynes Notes on present status and future prospects Maximum Entropy and Bayesian Methods 1990
39. L.H. Roberts A discipline for the avoidance of unnecessary assumptions ASTIN Bulletin 1971
40. R. Bowen Equilibrium States and the Ergodic Theory of Anosov Diffeomorphisms 470 1975 Springer, LN in Mathematics
41. K.R. Mecke, and D. Stoyan Statistical Physics and Spatial Statistics: The Art of Analyzing and Modeling Spatial Structures and Pattern Formation 2000 Springer
42. H.-O. Georgii Gibbs Measures and Phase Transitions de Gruyter 1988
43. S. Kullback, and R.A. Leibler On information and sufficiency Annals of Mathematics Statistics 22 1951
44. D. Koller, M. Sahami, Toward optimal feature selection, in: Int'l Conf. on Machine Learn., 1996.
45. Navot Is feature selection still necessary? Subspace, Latent Structure and Feature Selection 2006 LNCS (Springer)
46. J.N. Darroch, and D. Ratcliff Generalized iterative scaling for log-linear models Annals of Mathematical Statistics 43 5 1972
47. R. Malouf, A comparison of algorithms for maximum entropy parameter estimation, in: Sixth Conf. on Natural Language Learning, 2002.
48. H.L. Van Trees Detection, Estimation, and Modulation Theory 2001 J. Wiley & Sons
49. V.N. Vapnik Statistical Learning Theory 1998 J. Wiley & Sons
50. A. Soule, K. Salamatian, N. Taft, Combining filtering and statistical methods for anomaly detection, in: IMC '05, 2005.