 Network anomaly detection using a cross‐correlation‐based long‐range dependence analysisBasil AsSadhan, Abraham Alzoghaiby, Hamad Binsalleeh, Konstantinos G. Kyriakopoulos and Sangarapillai Lambotharan International Journal of Network Management, 2020, vol. 30, issue 6 Abstract: The detection of anomalies in network traffic is an important task in today's Internet. Among various anomaly detection methods, the techniques based on examination of the long‐range dependence (LRD) behavior of network traffic stands out to be powerful. In this paper, we reveal anomalies in aggregated network traffic by examining the LRD behavior based on the cross‐correlation function of the bidirectional control and data planes traffic. Specifically, observing that the conventional cross‐correlation function has a low measure of dissimilarity between the two planes, which leads to a reduced anomaly detection performance, we propose a modification of the cross‐correlation function to mitigate this issue. The performance of the proposed method is analyzed using a relatively recent Internet traffic captured at King Saud University. The results demonstrate that using the modified cross‐correlation function has the ability to detect low volume and short duration attacks. It also compensates for some misdetections exhibited by using the autocorrelation structures of the bidirectional traffic of the control, data, and WHOLE (combined control and data) planes traffic. Date: 2020 Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:wly:intnem:v:30:y:2020:i:6:n:e2129 Access Statistics for this article More articles in International Journal of Network Management from John Wiley & Sons |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.