Abstract
Protection of systems and computer networks against novel, unknown attacks is currently an intensively examined and developed domain. One of possible solutions to the problem is detection and classification of abnormal behaviors reflected in the analyzed network traffic. In the presented article we attempt to resolve the problem by anomaly detection in the analyzed network traffic described with the use of five different statistical models. We tested two groups of models which differed in autocorrelation dependences. The first group was composed of AR, MR and ARMA models which are characterized by short memory dependences. The second group, on the other hand, included statistical attempts described with ARFIMA and FIGARCH models which are characterized by long memory dependences. In order to detect anomalies in the network traffic we used differences between real network traffic and its estimated model. Obtained results of the performed experiments show purposefulness of the conducted comparative study of exploited statistical models.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Baillie, R., Bollerslev, T., Mikkelsen, H.: Fractionally integrated generalized autoregressive conditional heteroskedasticity. J. Econom. 74, 3–30 (1996)
Beran, J.A.: Statistics for Long-Memory Processes. Chapman and Hall, New York (1994)
Box, G., Jenkins, G., Reinsel, G.: Time Series Analysis. Holden-day, San Francisco (1970)
Box, G.E., Jenkins, M.G.: Time Series Analysis Forecasting and Control, 2nd edn. Holden-Day, San Francisco (1976)
Brockwell, P., Davis, R.: Introduction to Time Series and Forecasting. Springer, New York (2002)
Chondola, V., Banerjee, A., Kumar, V.: Anomaly detection: a survey. ACM Comput. Surv. 41(3), 1–72 (2009)
Crato, N., Ray, B.K.: Model selection and forecasting for long-range dependent pro-cesses. J. Forecast. 15, 107–125 (1996)
Gabriel, V.J., Martins, L.F.: On the forecasting ability of ARFIMA models when infre-quent breaks occur. Econom. J. 7, 455–475 (2004)
Geweke, J., Porter-Hudak, S.: The estimation and application of long memory time series models. J. Time Ser. Anal. (4), 221–238 (1983)
Granger, C.W.J., Joyeux, R.: An introduction to long-memory time series models and fractional differencing. J. Time Ser. Anal. 1, 15–29 (1980)
Haslett, J., Raftery, A.E.: Space-time modelling with long-memory dependence: assessing Ireland’s wind power resource (with discussion). Appl. Stat. 38(1), 1–50 (1989)
Hosking, J.R.M.: Fractional differencing. Biometrika 68, 165–176 (1981)
Hurst, H.R.: Long-term storage capacity of reservoirs. Transactions of the American Society of Civil Engineers 1, 519–543 (1951)
Hyndman, R.J., Khandakar, Y.: Automatic time series forecasting: the forecast package for R. J. Stat. Softw. 27(3), 1–22 (2008)
Kali Linux: https://www.kali.org (2015)
Saganowski, Ł., Goncerzewicz, M., Andrysiak, T.: Anomaly Detection Preprocessor for SNORT IDS System, Image Processing and Communications Challenges 4. Advances in Intelligent Systems and Computing 184, 225–232 (2013)
SNORT IDS: http://www.snort.org (2014)
Tayefi, M., Ramanathan, T.V.: An overview of FIGARCH and related time series models. Aust. J. Stat. 41(3), 175–196 (2012)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Andrysiak, T., Saganowski, Ł., Marchewka, A. (2016). A Comparative Study of Statistical Models with Long and Short-Memory Dependence for Network Anomaly Detection. In: Choraś, R. (eds) Image Processing and Communications Challenges 7. Advances in Intelligent Systems and Computing, vol 389. Springer, Cham. https://doi.org/10.1007/978-3-319-23814-2_29
Download citation
DOI: https://doi.org/10.1007/978-3-319-23814-2_29
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-23813-5
Online ISBN: 978-3-319-23814-2
eBook Packages: EngineeringEngineering (R0)