2010 Fiscal Year Final Research Report
Robust Anomaly Detection based on Ensemble Model through Efficient Extraction of Normal Traffic Information
| Project/Area Number |
21700079
|
|---|
| Research Category |
Grant-in-Aid for Young Scientists (B)
|
| Allocation Type | Single-year Grants |
|---|
| Research Field |
Computer system/Network
|
|---|
| Research Institution | Kyushu Institute of Technology |
|---|
Principal Investigator |
UCHIDA Masato Kyushu Institute of Technology, ネットワークデザイン研究センター, 准教授 (20419617)
|
|---|
| Project Period (FY) |
2009 – 2010
|
| Keywords | ネットワーク計測 / 異常トラヒック検知 |
|---|
| Research Abstract |
I proposed an anomaly detection method that trains a baseline model describing the normal behavior of network traffic using normal traffic information which is efficiently extracted through time-periodical packet sampling. In addition, in order to improve detection performance and adjust alarm sensitivity, I proposed an ensemble anomaly detection that collectively exploits multiple baseline models in parallel. Theoretical analysis and testing using actual traffic traces showed that the proposed anomaly detection methods perform well.
|
