Towards Efficient Flow Sampling Technique for Anomaly Detection
The result's identifiers
Result code in IS VaVaI
RIV/68407700:21230/12:00191018 - isvavai.cz (https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F12%3A00191018)
Result on the web
http://www.springerlink.com/content/aht28428hmm47366/fulltext.pdf
DOI - Digital Object Identifier
10.1007/978-3-642-28534-9_11 (http://dx.doi.org/10.1007/978-3-642-28534-9_11)
Alternative languages
Result language
English
Original language name
Towards Efficient Flow Sampling Technique for Anomaly Detection
Original language description
With an increasing amount of network traffic, sampling techniques have become widely employed, allowing monitoring and analysis of high-speed network links. Despite all benefits, sampling methods negatively influence the accuracy of anomaly detection techniques and other subsequent processing. In this paper, we present an adaptive, feature-aware sampling technique that reduces the loss of information bounded with the sampling process, thus minimizing the decrease of anomaly detection efficiency. To verify the optimality of our proposed technique, we build a model of the ideal sampling algorithm and define general metrics allowing us to compute the distortion of traffic feature distribution for various types of sampling algorithms. We compare our technique with random flow sampling and reveal their impact on several anomaly detection methods by using real network traffic data. The presented ideas can be applied on high-speed network links to refine the input data by suppressing highly-re
Czech name
—
Czech description
—
Classification
Type
D - Article in proceedings
CEP classification
JC - Computer hardware and software
OECD FORD branch
—
Result continuities
Project
Result was created during the realization of more than one project. More information in the Projects tab.
Continuities
P - Research and development project financed from public funds (with a link to CEP)
S - Specific research at universities
Others
Publication year
2012
Confidentiality
S - Complete and true data on the project are not subject to protection under special legal regulations
Data specific for result type
Article name in the collection
Traffic Monitoring and Analysis
ISBN
978-3-642-28533-2
ISSN
0302-9743
e-ISSN
—
Number of pages
14
Pages from-to
93-106
Publisher name
Springer-Verlag
Place of publication
Berlin
Event location
Vienna
Event date
Mar 12, 2012
Type of event by nationality
WRD - Worldwide event
UT code for WoS article
—