| Presentation | 2014-07-10 Human Error Tolerant Anomaly Detection through Time-Periodic Packet Sampling Masato UCHIDA, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | This paper focuses on an anomaly detection method that uses a baseline model describing the normal behavior of network traffic as the basis for comparison with the audit network traffic. In the anomaly detection method, an alarm is raised if a pattern in the current network traffic deviates from the baseline model. The baseline model is often trained using normal traffic data extracted from traffic data for which all instances (i.e., packets) are manually labeled by human experts in advance as either normal or anomalous. However, since humans are fallible, some errors are inevitable in labeling traffic data. Therefore, in this paper, we propose an anomaly detection method that is tolerant to human errors in labeling traffic data. The fundamental idea behind the proposed method is to take advantage of the lossy nature of packet sampling for the purpose of correcting/preventing human errors in labeling traffic data. By using real traffic traces, we show that the proposed method can better detect anomalies regarding TCP SYN packets than the method that relies only on human labeling. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | anomaly detection / human error / packet sampling |
| Paper # | CQ2014-16 |
| Date of Issue |
| Conference Information | |
| Committee | CQ |
|---|---|
| Conference Date | 2014/7/3(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Communication Quality (CQ) |
|---|---|
| Language | ENG |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Human Error Tolerant Anomaly Detection through Time-Periodic Packet Sampling |
| Sub Title (in English) | |
| Keyword(1) | anomaly detection |
| Keyword(2) | human error |
| Keyword(3) | packet sampling |
| 1st Author's Name | Masato UCHIDA |
| 1st Author's Affiliation | Department of Electrical, Electronics and Computer Engineering, Chiba Institute of Technology() |
| Date | 2014-07-10 |
| Paper # | CQ2014-16 |
| Volume (vol) | vol.114 |
| Number (no) | 131 |
| Page | pp.pp.- |
| #Pages | 6 |
| Date of Issue | |