Traffic Anomaly Detection
About this ebook
Traffic Anomaly Detection presents an overview of traffic anomaly detection analysis, allowing you to monitor security aspects of multimedia services. The author's approach is based on the analysis of adjacent time-aggregation periods of the traffic.
As traffic varies throughout the day, it is essential to consider the concrete traffic period in which the anomaly occurs. This book presents the algorithms proposed specifically for this analysis and an empirical comparative analysis of those methods, and establishes a new information-theory-based technique named "typical day analysis".
- A new information-theory based technique for traffic anomaly detection (typical day analysis)
- Introductory chapters on anomaly detection methods, including control charts, tests of goodness-of-fit and mutual information
- Contains comparative analysis of traffic anomaly detection methods
Antonio Cuadra-Sánchez
Antonio Cuadra-Sánchez is a Telecommunications Engineer (MSc) from the University of Cantabria (Spain). He also holds a Master's degree in Computing and communications from the University Autonoma of Madrid (Spain). He works as a research project manager and technology advisor for QoS and QoE in Indra. He has taught different courses on signalling protocols and networks (SS7, GSM, GPRS, UMTS, IMS and IPTV) in Telefonica R&D, Telefonica Spain and the Americas. He has published over 70 articles, both for European regulatory bodies and for the Telefonica Group, produced workshops and scientific and regulation book chapters, and has participated in lectures for different national and international conferences, including TeleManagement Forum, ETSI and IEEE. He currently leads the Celtic NOTTS project and co-leads the Customer Experience Management (CEM) Implementation Guide at the TeleManagement Forum.
Traffic Anomaly Detection
Antonio Cuadra-Sánchez
Javier Aracil
Table of Contents
Cover image
Title page
Copyright
Introduction
1: Introduction to Traffic Anomaly Detection Methods
Abstract
1.1 Cumulative sum control charts (CUSUM)
1.2 Tests of goodness-of-fit
1.3 Mutual information (MI)
2: Finding the Optimal Aggregation Period
Abstract
2.1 Introduction
2.2 State of the art
2.3 Macroscopic observation of traffic
2.4 Average-day analysis
2.5 Conclusion
3: Comparative Analysis of Traffic Anomaly Detection Methods
Abstract
3.1 Introduction
3.2 State of the art
3.3 Average-day preliminary analysis
3.4 Proposed change point detection algorithms
3.5 Behavior of the analyzed algorithms
3.6 Conclusion
4: Proposal of a New Information-theory Technique
Abstract
4.1 Introduction
4.2 Related work
4.3 Analysis of traffic anomaly detection methods applied to typical day profile
4.4 Conclusions
4.5 Acknowledgments
Bibliography
Index
Copyright
First published 2015 in Great Britain and the United States by ISTE Press Ltd and Elsevier Ltd
Apart from any fair dealing for the purposes of research or private study, or criticism or review, as permitted under the Copyright, Designs and Patents Act 1988, this publication may only be reproduced, stored or transmitted, in any form or by any means, with the prior permission in writing of the publishers, or in the case of reprographic reproduction in accordance with the terms and licenses issued by the CLA. Enquiries concerning reproduction outside these terms should be sent to the publishers at the undermentioned address:
ISTE Press Ltd
27-37 St George's Road
London SW19 4EU
UK
www.iste.co.uk
Elsevier Ltd
The Boulevard, Langford Lane
Kidlington, Oxford, OX5 1GB
UK
www.elsevier.com
Notices
Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods, professional practices, or medical treatment may become necessary.
Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information, methods, compounds, or experiments described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility.
To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein.
For information on all our publications visit our website at http://store.elsevier.com/
© ISTE Press Ltd 2015
The rights of Antonio Cuadra-Sánchez and Javier Aracil to be identified as the authors of this work have been asserted by them in accordance with the Copyright, Designs and Patents Act 1988.
British Library Cataloguing-in-Publication Data
A CIP record for this book is available from the British Library
Library of Congress Cataloging in Publication Data
A catalog record for this book is available from the Library of Congress
ISBN 978-1-78548-012-6
Printed and bound in the UK and US
Introduction
In this book, we present an overview of traffic anomaly detection analysis, which allows us to monitor the security aspects of multimedia services. This approach is based on the analysis of adjacent time-aggregation periods of the traffic. As traffic varies throughout the day, it is essential to consider the concrete traffic period in which the anomaly occurs. In this book, we present the algorithms proposed for this analysis. In addition, we make an empirical comparative analysis of these methods and produce a new information theory-based technique which we call typical day analysis.
In Chapter 1, we present the change point detection algorithms that we are considering in this book. We introduce the Cumulative SUM (CUSUM) control chart, two tests of goodness-of-fit (Pearson's Chi-squared and Kolmogorov–Smirnov tests) and mutual information (mutual dependency between variables). These algorithms are used in the subsequent chapters to detect traffic anomalies in multimedia