Please use this identifier to cite or link to this item: http://hdl.handle.net/10397/78416
Title: On-line anomaly detection with high accuracy
Authors: Xie, K
Li, XC
Wang, X
Cao, JN 
Xie, GG
Wen, JG
Zhang, DF
Qin, Z
Keywords: Anomaly detection
On-line algorithm
Bilateral PCA
Issue Date: 2018
Publisher: Institute of Electrical and Electronics Engineers
Source: IEEE/ACM transactions on networking, June 2018, v. 26, no. 3, p. 1222-1235 How to cite?
Journal: IEEE/ACM transactions on networking 
Abstract: Traffic anomaly detection is critical for advanced Internet management. Existing detection algorithms generally convert the high-dimensional data to a long vector, which compromises the detection accuracy due to the loss of spatial information of data. Moreover, they are generally designed based on the separation of normal and anomalous data in a time period, which not only introduces high storage and computation cost but also prevents timely detection of anomalies. Online and accurate traffic anomaly detection is critical but difficult to support. To address the challenge, this paper directly models the monitoring data in each time slot as a 2-D matrix, and detects anomalies in the new time slot based on bilateral principal component analysis (B-PCA). We propose several novel techniques in OnlineBPCA to support quick and accurate anomaly detection in real time, including a novel BPCA-based anomaly detection principle that jointly considers the variation of both row and column principal directions for more accurate anomaly detection, an approximate algorithm to avoid using iteration procedure to calculate the principal directions in a close-form, and a sequential anomaly algorithm to quickly update principal directions with low computation and storage cost when receiving a new data matrix at a time slot. To the best of our knowledge, this is the first work that exploits 2-D PCA for anomaly detection. We have conducted extensive simulations to compare our OnlineBPCA with the state-of-art anomaly detection algorithms using real traffic traces Abilene and GEANT. Our simulation results demonstrate that, compared with other algorithms, our OnlineBPCA can achieve significantly better detection performance with low false positive rate, high true positive rate, and low computation cost.
URI: http://hdl.handle.net/10397/78416
ISSN: 1063-6692
DOI: 10.1109/TNET.2018.2819507
Appears in Collections:Journal/Magazine Article

Access
View full-text via PolyU eLinks SFX Query
Show full item record

SCOPUSTM   
Citations

7
Citations as of Mar 26, 2019

WEB OF SCIENCETM
Citations

2
Last Week
0
Last month
Citations as of Apr 6, 2019

Page view(s)

32
Citations as of May 21, 2019

Google ScholarTM

Check

Altmetric


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.