Paper Info
Title
Networking Anomaly Detection Using DSNs and Particle Swarm Optimization with Re-Clustering
Abstract
This paper presents an anomaly detection method using Digital Signature of Network Segment (DSNS) and Particle Swarm Optimization-based clustering (PSO-Cls). The PSO algorithm is an evolutionary computation technique whose main characteristics include low computational complexity, ability to escape from local optima, and small number of input parameters dependence, when compared to other evolutionary algorithms, e. g. genetic algorithms (GA). In the PSO-Cls algorithm, swarm intelligence is combined with K-means clustering, in order to achieve high convergence rates. On the other hand, DSNS consists of normal network traffic behavior profiles, generated by the application of Baseline for Automatic Backbone Management (BLGBA) model in SNMP historical network data set. The proposed approach identifies and classifies data clusters from DSNS and real traffic, using swarm intelligence. Anomalous behaviors can be easily identified by comparing real traffic and cluster centroids. Tests were performed in the network of State University of Londrina and the obtained detection and false alarm rates are promising.
Year
DOI
Venue
2010
10.1109/GLOCOM.2010.5683910
IEEE Global Telecommunications Conference (Globecom)
Keywords
Field
DocType
Anomaly detection,PSO,Baseline,DSNS,K-means clustering algorithm
Data mining,Anomaly detection,Evolutionary algorithm,Swarm behaviour,Computer science,Swarm intelligence,Real-time computing,Artificial intelligence,Cluster analysis,Particle swarm optimization,k-means clustering,Evolutionary computation,Machine learning
Conference
ISSN
Citations 
PageRank 
1930-529X
0
0.34
References 
Authors
7
6
Name
Order
Citations
PageRank
Moisés F. Lima121.39
Lucas Dias H. Sampaio2264.10
Bruno Bogaz Zarpelão39810.59
JOEL J. P. C. RODRIGUES43484341.72
Taufik Abrão512636.18
Mario Lemes Proença Jr.618820.31