Name
Abstract | ||
|---|---|---|
We consider the problem of network anomaly detection in large distributed systems. In this setting, Principal Component Analysis (PCA) has been proposed as a method for discover- ing anomalies by continuously tracking the projection of the data onto a residual subspace. This method was shown to work well empirically in highly aggregated networks, that is, those with a limited number of large nodes and at coarse time scales. This approach, how- ever, has scalability limitations. To overcome these limitations, we develop a PCA-based anomaly detector in which adaptive local data lters send to a coordinator just enough data to enable accurate global detection. Our method is based on a stochastic matrix perturba- tion analysis that characterizes the tradeoff between the accuracy of anomaly detection and the amount of data communicated over the network. |
Year | Venue | Keywords |
|---|---|---|
2006 | NIPS | principal component analysis,stochastic matrix,distributed system,anomaly detection |
Field | DocType | Citations |
Data mining,Anomaly detection,Computer science,Artificial intelligence,Detector,Residual,Stochastic matrix,Perturbation theory,Subspace topology,Pattern recognition,Machine learning,Principal component analysis,Scalability | Conference | 59 |
PageRank | References | Authors |
3.08 | 14 | 6 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Ling Huang | 1 | 2496 | 118.80 |
| Xuanlong Nguyen | 2 | 96 | 7.44 |
| Minos Garofalakis | 3 | 4904 | 664.22 |
| Michael I. Jordan | 4 | 31220 | 3640.80 |
| D. Joseph | 5 | 5463 | 492.96 |
| Nina Taft | 6 | 2109 | 154.92 |