Network anomaly detection by using a time-decay closed frequent pattern

Zhao, Ying, Chen, Junjun, Wu, Di, Teng, Jian, Sharma, Nabin, Sajjanhar, Atul and Blumenstein, Michael 2019, Network anomaly detection by using a time-decay closed frequent pattern, Information, vol. 10, no. 8, pp. 1-18, doi: 10.3390/info10080262.


Title Network anomaly detection by using a time-decay closed frequent pattern
Author(s) Zhao, Ying
Chen, Junjun
Wu, Di
Teng, Jian
Sharma, Nabin
Sajjanhar, Atul (ORCID iD: orcid.org/0000-0002-0445-0573)
Blumenstein, Michael
Journal name Information
Volume number 10
Issue number 8
Article ID 262
Start page 1
End page 18
Total pages 18
Publisher MDPI
Place of publication Basel, Switzerland
Publication date 2019-08
ISSN 2078-2489
Keyword(s) anomaly detection
frequent pattern
user behavior
Summary Anomaly detection of network traffic flows is a non-trivial problem in the field of network security due to the complexity of network traffic. However, most machine learning-based detection methods focus on network anomaly detection but ignore the user anomaly behavior detection. In real scenarios, the anomaly network behavior may harm the user interests. In this paper, we propose an anomaly detection model based on time-decay closed frequent patterns to address this problem. The model mines closed frequent patterns from the network traffic of each user and uses a time-decay factor to distinguish the weight of current and historical network traffic. Because of the dynamic nature of user network behavior, a detection model update strategy is provided in the anomaly detection framework. Additionally, the closed frequent patterns can provide interpretable explanations for anomalies. Experimental results show that the proposed method can detect user behavior anomaly, and the network anomaly detection performance achieved by the proposed method is similar to the state-of-the-art methods and significantly better than the baseline methods.
Language eng
DOI 10.3390/info10080262
Indigenous content off
Field of Research 08 Information and Computing Sciences
HERDC Research category C1 Refereed article in a scholarly journal
Copyright notice ©2019, the authors
Persistent URL http://hdl.handle.net/10536/DRO/DU:30128970

Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Citation counts: Cited 0 times in TR Web of Science; cited 0 times in Scopus
Access Statistics: 44 Abstract Views, 2 File Downloads
Created: Tue, 20 Aug 2019, 11:02:35 EST