ONTIC: D5.4: Use Case #1 Network Intrusion Detection
Related documents
The reason is that streaming flows have intrinsic durations and thus volumes proportional to their rate: in the limiting case where the elastic traffic intensity alone is close
Index Terms: Anomaly Detection, Support Vector Machines (SVMs), One-Class SVMs, Unsupervised Learning, Model Selection, Similarity Measure, Multivariate Time Series (MTS).
The tool proposed in this paper can be regarded as a starting point for the development of advanced cyber-physical protection systems, that are able to exploit classical fault
Sequential detection (and isolation) of unusual and significant changes in network Origin-Destination (OD) traffic volumes from simple link load measurements is considered in
The method proposed in this paper consists of finding a linear parsimonious model of ambient traffic (nuisance parameter) and detecting anomalies by using an invariant
Among available grid clustering algorithms, GDCA (Grid Density-based Clustering Algorithm) [4] offers many advantages; it is a density based grid clustering, able to discover
features based on a time sliding window is generic enough so that any detector which is fast enough can be implemented on top of it and thus detect anomalies in a continuous way. The
In order to identify any form of cluster, UNADA is based on a density based grid algorithm DBSCAN (Density-Based Spatial Clustering of Applications with Noise) [8] which takes