Real-time dynamic network anomaly detection
Author(s)
Noble, Jordan
Adams, Niall
Type
Journal Article
Abstract
Methodology for statistical analysis of enterprise network data is becoming increasingly important in cyber-security. The volume and velocity of enterprise network data sources put a premium on streaming analytics that pass over the data once, while handling temporal variation in the process. In this paper we introduce ReTiNA: a framework for streaming network anomaly detection. This procedure first detects anomalies in the correlation processes on individual edges of the network graph. Second, anomalies across multiple edges are combined and scored to give network-wide situational awareness. The approach is tested in simulation and demonstrated on two real Netflow datasets.
Date Issued
2018-06-11
Date Acceptance
2018-01-28
Citation
IEEE Intelligent Systems, 2018, 33 (2), pp.5-18
ISSN
1541-1672
Publisher
Institute of Electrical and Electronics Engineers
Start Page
5
End Page
18
Journal / Book Title
IEEE Intelligent Systems
Volume
33
Issue
2
Copyright Statement
© 2018 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Subjects
Science & Technology
Technology
Computer Science, Artificial Intelligence
Engineering, Electrical & Electronic
Computer Science
Engineering
INTRUSION DETECTION
SYSTEMS
0801 Artificial Intelligence And Image Processing
1702 Cognitive Science
Artificial Intelligence & Image Processing
Publication Status
Published
Date Publish Online
2018-03-01