A Family of Joint Sparse PCA Algorithms for Anomaly Localization in Network Data Streams

2013, Vol 25 (11), pp. 2421-2433
Author(s): Ruoyi Jiang, Hongliang Fei, Jun Huan

Author(s): Ji Zhang

A great deal of research attention has been paid to data mining on data streams in recent years. In this chapter, the authors carry out a case study of anomaly detection in large and high-dimensional network connection data streams using the Stream Projected Outlier deTector (SPOT), which was proposed in Zhang et al. (2009) to detect anomalies from data streams using subspace analysis. SPOT is deployed on the 1999 KDD CUP anomaly detection application. Innovative approaches for training data generation, anomaly classification, false positive reduction, and adaptive detection subspace generation are proposed in this chapter as well. Experimental results demonstrate that SPOT is effective and efficient in detecting anomalies from network data streams and outperforms existing anomaly detection methods.


Author(s): Theodore Johnson, S. Muthukrishnan, Vladislav Shkapenyuk, Oliver Spatscheck

2005, Vol 13 (6), pp. 1219-1232
Author(s): G. Cormode, S. Muthukrishnan

2021
Author(s): Christopher Nixon, Mohamed Sedky, Mohamed Hassan

Machine learning based intrusion detection systems monitor network data streams for cyber attacks. Challenges in this space include detection of unknown attacks, adaptation to changes in the data stream such as changes in underlying behaviour, the human cost of labeling data to retrain the machine learning model and the processing and memory constraints of a real-time data stream. Failure to manage the aforementioned factors could result in missed attacks, degraded detection performance, unnecessary expense or delayed detection times. This research evaluated autoencoders, a type of feed-forward neural network, as online anomaly detectors for network data streams. The autoencoder method was combined with an active learning strategy to further reduce labeling cost and speed up training and adaptation times, resulting in a proposed Split Active Learning Anomaly Detector (SALAD) method. The proposed method was evaluated with the NSL-KDD, KDD Cup 1999, and UNSW-NB15 data sets, using the scikit-multiflow framework. Results demonstrated that a novel Adaptive Anomaly Threshold method, combined with a split active learning strategy offered superior anomaly detection performance with a labeling budget of just 20%, significantly reducing the required human expertise to annotate the network data. Processing times of the autoencoder anomaly detector method were demonstrated to be significantly lower than traditional online learning methods, allowing for greatly improved responsiveness to attacks occurring in real time. Future research areas are applying unsupervised threshold methods, multi-label classification, sample annotation, and hybrid intrusion detection.

