
A Sparse Bayesian Framework for Anomaly Detection in Heterogeneous Networks

  • Conference paper

Abstract

The capability to detect anomalous states in a network is important for both the smooth operation of the network and the security of the network. Modern networks are often heterogeneous. This raises a new challenge for anomaly detection, as there may be a wide variety of anomalous activities across the heterogeneous components of a network. We often seek a detection system that not only performs accurate anomaly detection but also provides mechanisms for human experts to understand the decision-making process inside the system. In this paper, we investigate the application of sparse Bayesian methods for anomaly detection in such scenarios. By taking advantage of the sparse Bayesian framework’s capability to conduct automatic relevance discovery, we construct a detection system whose decision making is mostly based on a few representative examples from the training set. This provides human interpretability, as experts can analyze the representative examples to understand the detection mechanism. Our experimental results show the potential of this approach.


Copyright information

© 2012 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Zhang, J., Kannan, R. (2012). A Sparse Bayesian Framework for Anomaly Detection in Heterogeneous Networks. In: Zhang, X., Qiao, D. (eds) Quality, Reliability, Security and Robustness in Heterogeneous Networks. QShine 2010. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 74. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29222-4_6


  • DOI: https://doi.org/10.1007/978-3-642-29222-4_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-29221-7

  • Online ISBN: 978-3-642-29222-4

  • eBook Packages: Computer Science, Computer Science (R0)
