About: Similarity as a central approach to flow-based anomaly detection

Facets (new session)
Description
Metadata
Settings
- owl:sameAs
- Inference Rule:

About: Similarity as a central approach to flow-based anomaly detection Goto Sponge NotDistinct Permalink

An Entity of Type : http://linked.opendata.cz/ontology/domain/vavai/Vysledek, within Data Space : linked.opendata.cz associated with source document(s)

Attributes	Values
rdf:type	skos:Concept http://linked.opendata.cz/ontology/domain/vavai/Vysledek
rdfs:seeAlso	http://dx.doi.org/10.1002/nem.1867
Description	Network flow monitoring is currently a common practice in mid and large-size networks. Methods of flow-based anomaly detection are subject to ongoing extensive research, because detection methods based on deep packet inspection have reached their limits. However, there is a lack of comprehensive studies mapping the state of the art in this area. For this reason, we have conducted a thorough survey of flow-based anomaly detection methods published on academic conferences and used by the industry. We have analyzed these methods using the perspective of similarity which is inherent to any anomaly detection method. Based on this analysis, we have proposed a new taxonomy of network anomalies and a similarity-oriented classification of flow-based detection methods. We have also identified four issues requiring further research: the lack of flow-based evaluation data sets, infeasible benchmarking of proposed methods, excessive false positive rate, and limited coverage of certain anomaly classes. Network flow monitoring is currently a common practice in mid and large-size networks. Methods of flow-based anomaly detection are subject to ongoing extensive research, because detection methods based on deep packet inspection have reached their limits. However, there is a lack of comprehensive studies mapping the state of the art in this area. For this reason, we have conducted a thorough survey of flow-based anomaly detection methods published on academic conferences and used by the industry. We have analyzed these methods using the perspective of similarity which is inherent to any anomaly detection method. Based on this analysis, we have proposed a new taxonomy of network anomalies and a similarity-oriented classification of flow-based detection methods. We have also identified four issues requiring further research: the lack of flow-based evaluation data sets, infeasible benchmarking of proposed methods, excessive false positive rate, and limited coverage of certain anomaly classes. (en)
Title	Similarity as a central approach to flow-based anomaly detection Similarity as a central approach to flow-based anomaly detection (en)
skos:prefLabel	Similarity as a central approach to flow-based anomaly detection Similarity as a central approach to flow-based anomaly detection (en)
skos:notation	RIV/00216224:14610/14:00076011!RIV15-MSM-14610___
http://linked.open...avai/riv/aktivita	I
http://linked.open...avai/riv/aktivity	I
http://linked.open...iv/cisloPeriodika	4
http://linked.open...vai/riv/dodaniDat	2015
http://linked.open...aciTvurceVysledku	Vykopal, Jan Drašar, Martin Vizváry, Martin
http://linked.open.../riv/druhVysledku	J - Článek v odborném periodiku
http://linked.open...iv/duvernostUdaju	S - Úplné a pravdivé údaje nepodléhající ochraně podle zvláštních právních předpisů
http://linked.open...titaPredkladatele	Masarykova univerzita / Ústav výpočetní techniky
http://linked.open...dnocenehoVysledku	44875
http://linked.open...ai/riv/idVysledku	RIV/00216224:14610/14:00076011
http://linked.open...riv/jazykVysledku	eng - angličtina
http://linked.open.../riv/klicovaSlova	similarity; anomaly detection; network flows (en)
http://linked.open.../riv/klicoveSlovo	network flows similarity anomaly detection
http://linked.open...odStatuVydavatele	US - Spojené státy americké
http://linked.open...ontrolniKodProRIV	[9E92F30A8E57]
http://linked.open...i/riv/nazevZdroje	International Journal of Network Management
http://linked.open...in/vavai/riv/obor	IN
http://linked.open...ichTvurcuVysledku	3 (xsd:int)
http://linked.open...cetTvurcuVysledku	3 (xsd:int)
http://linked.open...UplatneniVysledku	2014
http://linked.open...v/svazekPeriodika	24
http://linked.open...iv/tvurceVysledku	Vykopal, Jan Drašar, Martin Vizváry, Martin
http://linked.open...ain/vavai/riv/wos	000339479100008
issn	1055-7148
number of pages	19 (xsd:int)
http://bibframe.org/vocab/doi	10.1002/nem.1867
http://localhost/t...ganizacniJednotka	14610

Faceted Search & Find service v1.16.118 as of Jun 21 2024

Alternative Linked Data Documents: ODE Content Formats:

RDF

ODATA

Microdata

About

OpenLink Virtuoso version 07.20.3240 as of Jun 21 2024, on Linux (x86_64-pc-linux-gnu), Single-Server Edition (126 GB total memory, 58 GB memory in use)
Data on this page belongs to its respective rights holders.
Virtuoso Faceted Browser Copyright © 2009-2024 OpenLink Software