Traffic Anomaly Detection

Traffic Anomaly Detection presents an overview of traffic anomaly detection analysis, allowing you to monitor security aspects of multimedia services. The author's approach is based on the analysis of time aggregation adjacent periods of the traffic.

As traffic varies throughout the day, it is essential to consider the concrete traffic period in which the anomaly occurs. This book presents the algorithms proposed specifically for this analysis and an empirical comparative analysis of those methods and settle a new information theory based technique, named "typical day analysis".

• A new information-theory based technique for traffic anomaly detection (typical day analysis)
• Introductory chapters to anomaly detection methods including control charts, tests of goodness-of-fit Mutual Information
• Contains comparative analysis of traffic anomaly detection methods

Scientific and Engineering communities working on Anomaly detection in the context of Network Security. In particular, early researchers, post-docs and engineers with an interest in this field

1: Introduction to Traffic Anomaly Detection Methods

• Abstract
• 1.1 Cumulative sum control charts (CUSUM)
• 1.2 Tests of goodness-of-fit
• 1.3 Mutual information (MI)

2: Finding the Optimal Aggregation Period

• Abstract
• 2.1 Introduction
• 2.2 State of the art
• 2.3 Macroscopic observation of traffic
• 2.4 Average-day analysis
• 2.5 Conclusion

3: Comparative Analysis of Traffic Anomaly Detection Methods

• Abstract
• 3.1 Introduction
• 3.2 State of the art
• 3.3 Average-day preliminary analysis
• 3.4 Proposed change point detection algorithms
• 3.5 Behavior of the analyzed algorithms
• 3.6 Conclusion

4: Proposal of a New Information-theory Technique

• Abstract
• 4.1 Introduction
• 4.2 Related work
• 4.3 Analysis of traffic anomaly detection methods applied to typical day profile
• 4.4 Conclusions
• 4.5 Acknowledgments