Paper Abstract and Keywords |
Presentation |
2008-12-12 14:55
An Automatic and Dynamic Parameter Tuning of a Statistics-based Network Anomaly Detection Algorithm Yosuke Himura (the Univ. of Tokyo), Kensuke Fukuda (NII/PRESTO, JST), Kenjiro Cho (Internet Initiative Japan), Hiroshi Esaki (the Univ. of Tokyo) IN2008-106 |
Abstract |
(in Japanese) |
(See Japanese page) |
(in English) |
In this paper, we investigate an automatic and dynamic parameter tuning method of a statistical network traffic anomaly detection algorithm. We evaluate the appropriate learning period of parameter setting in anomaly detection algorithm based on sketch and multi-scale gamma-function model with real network traces measured for 7 months. The main results are following: (1) Without learning, the best parameter highly varies day by day. (2) With a longer learning period, the best parameter setting is affected by significant data during the larning period. (3) The appropriate period of the learning is around 3 days. (4) The performance degradation rate with dynamic parameter tuning is 17% in the best case. |
Keyword |
(in Japanese) |
(See Japanese page) |
(in English) |
traffic analysis / anomaly detection / performance evaluation / dynamic parameter optimization / / / / |
Reference Info. |
IEICE Tech. Rep., vol. 108, no. 342, IN2008-106, pp. 121-126, Dec. 2008. |
Paper # |
IN2008-106 |
Date of Issue |
2008-12-04 (IN) |
ISSN |
Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
Download PDF |
IN2008-106 |
Conference Information |
Committee |
IN |
Conference Date |
2008-12-11 - 2008-12-12 |
Place (in Japanese) |
(See Japanese page) |
Place (in English) |
Hiroshima City University |
Topics (in Japanese) |
(See Japanese page) |
Topics (in English) |
|
Paper Information |
Registration To |
IN |
Conference Code |
2008-12-IN |
Language |
Japanese |
Title (in Japanese) |
(See Japanese page) |
Sub Title (in Japanese) |
(See Japanese page) |
Title (in English) |
An Automatic and Dynamic Parameter Tuning of a Statistics-based Network Anomaly Detection Algorithm |
Sub Title (in English) |
|
Keyword(1) |
traffic analysis |
Keyword(2) |
anomaly detection |
Keyword(3) |
performance evaluation |
Keyword(4) |
dynamic parameter optimization |
Keyword(5) |
|
Keyword(6) |
|
Keyword(7) |
|
Keyword(8) |
|
1st Author's Name |
Yosuke Himura |
1st Author's Affiliation |
the University of Tokyo (the Univ. of Tokyo) |
2nd Author's Name |
Kensuke Fukuda |
2nd Author's Affiliation |
National Institute of Informatics/Japan Science and Technology Agency PRESTO (NII/PRESTO, JST) |
3rd Author's Name |
Kenjiro Cho |
3rd Author's Affiliation |
Internet Initiative Japan (Internet Initiative Japan) |
4th Author's Name |
Hiroshi Esaki |
4th Author's Affiliation |
the University of Tokyo (the Univ. of Tokyo) |
5th Author's Name |
|
5th Author's Affiliation |
() |
6th Author's Name |
|
6th Author's Affiliation |
() |
7th Author's Name |
|
7th Author's Affiliation |
() |
8th Author's Name |
|
8th Author's Affiliation |
() |
9th Author's Name |
|
9th Author's Affiliation |
() |
10th Author's Name |
|
10th Author's Affiliation |
() |
11th Author's Name |
|
11th Author's Affiliation |
() |
12th Author's Name |
|
12th Author's Affiliation |
() |
13th Author's Name |
|
13th Author's Affiliation |
() |
14th Author's Name |
|
14th Author's Affiliation |
() |
15th Author's Name |
|
15th Author's Affiliation |
() |
16th Author's Name |
|
16th Author's Affiliation |
() |
17th Author's Name |
|
17th Author's Affiliation |
() |
18th Author's Name |
|
18th Author's Affiliation |
() |
19th Author's Name |
|
19th Author's Affiliation |
() |
20th Author's Name |
|
20th Author's Affiliation |
() |
21st Author's Name |
|
21st Author's Affiliation |
() |
22nd Author's Name |
|
22nd Author's Affiliation |
() |
23rd Author's Name |
|
23rd Author's Affiliation |
() |
24th Author's Name |
|
24th Author's Affiliation |
() |
25th Author's Name |
|
25th Author's Affiliation |
() |
26th Author's Name |
/ / |
26th Author's Affiliation |
()
() |
27th Author's Name |
/ / |
27th Author's Affiliation |
()
() |
28th Author's Name |
/ / |
28th Author's Affiliation |
()
() |
29th Author's Name |
/ / |
29th Author's Affiliation |
()
() |
30th Author's Name |
/ / |
30th Author's Affiliation |
()
() |
31st Author's Name |
/ / |
31st Author's Affiliation |
()
() |
32nd Author's Name |
/ / |
32nd Author's Affiliation |
()
() |
33rd Author's Name |
/ / |
33rd Author's Affiliation |
()
() |
34th Author's Name |
/ / |
34th Author's Affiliation |
()
() |
35th Author's Name |
/ / |
35th Author's Affiliation |
()
() |
36th Author's Name |
/ / |
36th Author's Affiliation |
()
() |
Speaker |
Author-1 |
Date Time |
2008-12-12 14:55:00 |
Presentation Time |
25 minutes |
Registration for |
IN |
Paper # |
IN2008-106 |
Volume (vol) |
vol.108 |
Number (no) |
no.342 |
Page |
pp.121-126 |
#Pages |
6 |
Date of Issue |
2008-12-04 (IN) |