Large-scale IP network behavior anomaly detection and identification using substructure-based approach and multivariate time series mining - Citegraph

Paper Info

Title
Large-scale IP network behavior anomaly detection and identification using substructure-based approach and multivariate time series mining

Abstract
In this paper, a substructure-based network behavior anomaly detection approach, called WFS (Weighted Frequent Subgraphs), is proposed to detect the anomalies of a large-scale IP networks. With application of WFS, an entire graph is examined, unusual substructures of which are reported. Due to additional information given by the graph, the anomalies are able to be detected more accurately. With multivariate time series motif association rules mining (MTSMARM), the patterns of abnormal traffic behavior are able to be obtained. In order to verify the above proposals, experiments are conducted and, together with application of backbone networks (Internet2) Netflow data, show some positive results.

Year	DOI	Venue
2012	10.1007/s11235-010-9384-1	Telecommunication Systems
Keywords	Field	DocType
Anomaly detection and identification,Weighted frequent subgraphs,Multivariate time series motif association rules mining	Graph,Data mining,Anomaly detection,Pattern recognition,NetFlow,Computer science,Multivariate statistics,Internet protocol suite,Association rule learning,Artificial intelligence,Network behavior,Substructure	Journal
Volume	Issue	ISSN
44	3-4	1018-4864
Citations	PageRank	References
8	0.57	44
Authors
3

Authors (3 rows)

Cited by (8 rows)

References (44 rows)

Name	Order	Citations	PageRank
Weisong He	1	8	1.24
Guangmin Hu	2	15	5.84
Yingjie Zhou	3	52	11.57

1