A survey of network anomaly detection techniques

Cited by: 790
Authors
Ahmed, Mohiuddin [1]
Mahmood, Abdun Naser [1]
Hu, Jiankun [1]
Affiliation
[1] UNSW Canberra, Sch Engn & Informat Technol, Canberra, ACT 2600, Australia
Keywords
Intrusion detection; Computer security; Anomaly detection; Classification; Clustering; Information theory; OUTLIER DETECTION; SYSTEM
DOI
10.1016/j.jnca.2015.11.016
Chinese Library Classification number
TP3 [Computing technology, computer technology]
Discipline classification code
0812
Abstract
Information and Communication Technology (ICT) has a great impact on social wellbeing, economic growth and national security in today's world. Generally, ICT includes computers, mobile communication devices and networks. ICT is also embraced by a group of people with malicious intent, also known as network intruders, cyber criminals, etc. Confronting these detrimental cyber activities is one of the international priorities and an important research area. Anomaly detection is an important data analysis task which is useful for identifying the network intrusions. This paper presents an in-depth analysis of four major categories of anomaly detection techniques which include classification, statistical, information theory and clustering. The paper also discusses research challenges with the datasets used for network intrusion detection. (C) 2015 Elsevier Ltd. All rights reserved.
Pages: 19-31
Number of pages: 13
Related papers
81 in total
[1] Ahmed M., 2014, The state of the art in intrusion prevention and detection, P3
[2] Ahmed M., 2015, ANN DATA SCI, V2, P111, DOI 10.1007/s40745-015-0035-y
[3] Ahmed M, 2015, LECT NOTES I COMPUTE, V139, P61
[4] Ahmed, Mohiuddin; Mahmood, Abdun Naser; Islam, Md. Rafiqul. A survey of anomaly detection techniques in financial domain [J]. FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE, 2016, 55: 278-288
[5] Ahmed M, 2014, C IND ELECT APPL, P1780, DOI 10.1109/ICIEA.2014.6931456
[6] Ahmed M, 2014, C IND ELECT APPL, P1141, DOI 10.1109/ICIEA.2014.6931337
[7] Ahmed M, 2013, C IND ELECT APPL, P577
[8] Ambusaidi, Mohammed A.; Tan, Zhiyuan; He, Xiangjian; Nanda, Priyadarsi; Lu, Liang Fu; Jamdagni, Aruna. Intrusion detection method based on nonlinear correlation measure [J]. INTERNATIONAL JOURNAL OF INTERNET PROTOCOL TECHNOLOGY, 2014, 8 (2-3): 77-86
[9] [Anonymous], 1980, MONOGRAPHS STAT APPL
[10] [Anonymous], EAI ENDORSED T SCALA