Traffic Anomaly Detection presents an overview of traffic anomaly detection analysis, allowing you to monitor security aspects of multimedia services. The author's approach is based on the analysis of time aggregation adjacent periods of the traffic.
As traffic varies throughout the day, it is essential to consider the concrete traffic period in which the anomaly occurs. This book presents the algorithms proposed specifically for this analysis and an empirical comparative analysis of those methods and settle a new information theory based technique, named "typical day analysis".
- A new information-theory based technique for traffic anomaly detection (typical day analysis)
- Introductory chapters to anomaly detection methods including control charts, tests of goodness-of-fit Mutual Information
- Contains comparative analysis of traffic anomaly detection methods
Scientific and Engineering communities working on Anomaly detection in the context of Network Security. In particular, early researchers, post-docs and engineers with an interest in this field
1: Introduction to Traffic Anomaly Detection Methods
- 1.1 Cumulative sum control charts (CUSUM)
- 1.2 Tests of goodness-of-fit
- 1.3 Mutual information (MI)
2: Finding the Optimal Aggregation Period
- 2.1 Introduction
- 2.2 State of the art
- 2.3 Macroscopic observation of traffic
- 2.4 Average-day analysis
- 2.5 Conclusion
3: Comparative Analysis of Traffic Anomaly Detection Methods
- 3.1 Introduction
- 3.2 State of the art
- 3.3 Average-day preliminary analysis
- 3.4 Proposed change point detection algorithms
- 3.5 Behavior of the analyzed algorithms
- 3.6 Conclusion
4: Proposal of a New Information-theory Technique
- 4.1 Introduction
- 4.2 Related work
- 4.3 Analysis of traffic anomaly detection methods applied to typical day profile
- 4.4 Conclusions
- 4.5 Acknowledgments
- No. of pages:
- © ISTE Press - Elsevier 2016
- 30th October 2015
- ISTE Press - Elsevier
- Hardcover ISBN:
- eBook ISBN:
Antonio Cuadra-Sanchez is a Telecommunications Engineer (MSc) from the University of Cantabria (Spain). He also holds a Masters degree in Computing and communications from the University Autonoma of Madrid (Spain). He works as a research project manager and technology advisor for QoS and QoE in Indra. He has taught different courses of signalling protocols and networks (SS7, GSM, GPRS, UMTS, IMS and IPTV) in Telefonica R&D, Telefonica Spain and the Americas. He has published over 70 articles as much for the European organisms of regulation as for Telefonica Group, produced workshops and scientific and regulation book chapters, and has participated in lectures for different national and international conferences, including TeleManagement Forum, ETSI and IEEE.
He currently leads the Celtic NOTTS projectand co-leads the Customer Experience Management (CEM) Implementation Guide at the TeleManagement Forum.
Indra Sistemas, S.A. / Universidad Autonoma de Madrid, Spain
Javier Aracil received the M.Sc. and Ph.D. degrees (Honors) from Technical University of Madrid in 1993 and 1995, both in Telecommunications Engineering. In 1995 he was awarded with a Fulbright scholarship and was appointed as a Postdoctoral Researcher of the Department of Electrical Engineering and Computer Sciences, University of California, Berkeley. In 1998 he was a research scholar at the Center for Advanced Telecommunications, Systems and Services of The University of Texas at Dallas. He has been an associate professor for University of Cantabria and Public University of Navarra and he is currently a full professor at Universidad Autónoma de Madrid, Madrid, Spain. His research interest are in optical networks and performance evaluation of communication networks. He has authored more than 100 papers in international conferences and journals.
Professor, Universidad Autónoma de Madrid, Madrid, Spain
"...their focus is on the theoretical aspects of determining anomalous traffic...it’s bound to be of interest to those developing security solutions." --Network Security