Welcome to the InfoSci Platform
Reference Hub1
A Hybrid Technique Using PCA and Wavelets in Network Traffic Anomaly Detection

A Hybrid Technique Using PCA and Wavelets in Network Traffic Anomaly Detection

Stevan Novakov, Chung-Horng Lung, Ioannis Lambadaris, Nabil Seddigh
Copyright: © 2014 |Volume: 6 |Issue: 1 |Pages: 37
ISSN: 1937-9412|EISSN: 1937-9404|EISBN13: 9781466655577|DOI: 10.4018/ijmcmc.2014010102
Cite Article Cite Article

MLA

Novakov, Stevan, et al. "A Hybrid Technique Using PCA and Wavelets in Network Traffic Anomaly Detection." IJMCMC vol.6, no.1 2014: pp.17-53. http://doi.org/10.4018/ijmcmc.2014010102

APA

Novakov, S., Lung, C., Lambadaris, I., & Seddigh, N. (2014). A Hybrid Technique Using PCA and Wavelets in Network Traffic Anomaly Detection. International Journal of Mobile Computing and Multimedia Communications (IJMCMC), 6(1), 17-53. http://doi.org/10.4018/ijmcmc.2014010102

Chicago

Novakov, Stevan, et al. "A Hybrid Technique Using PCA and Wavelets in Network Traffic Anomaly Detection," International Journal of Mobile Computing and Multimedia Communications (IJMCMC) 6, no.1: 17-53. http://doi.org/10.4018/ijmcmc.2014010102

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

Research into network anomaly detection has become crucial as a result of a significant increase in the number of computer attacks. Many approaches in network anomaly detection have been reported in the literature, but data or solutions typically are not freely available. Recently, a labeled network traffic flow dataset, Kyoto2006+, has been created and is publicly available. Most existing approaches using Kyoto2006+ for network anomaly detection apply various clustering techniques. This paper leverages existing well known statistical analysis and spectral analysis techniques for network anomaly detection. The first popular approach is a statistical analysis technique called Principal Component Analysis (PCA). PCA describes data in a new dimension to unlock otherwise hidden characteristics. The other well known spectral analysis technique is Haar Wavelet filtering analysis. It measures the amount and magnitude of abrupt changes in data. Both approaches have strengths and limitations. In response, this paper proposes a Hybrid PCA–Haar Wavelet Analysis. The hybrid approach first applies PCA to describe the data and then Haar Wavelet filtering for analysis. Based on prototyping and measurement, an investigation of the Hybrid PCA–Haar Wavelet Analysis technique is performed using the Kyoto2006+ dataset. The authors consider a number of parameters and present experimental results to demonstrate the effectiveness of the hybrid approach as compared to the two algorithms individually.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.