A New Approach to Dimensionality Reduction for Anomaly Detection in Data Traffic
The monitoring and management of high-volume feature-rich traffic in large networks offers significant challenges in storage, transmission and computational costs. The predominant approach to reducing these costs is based on performing a linear mapping of the data to a low-dimensional subspace such...
Gespeichert in:
| Hauptverfasser: | , , |
|---|---|
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | Huang, Tingshan Sethu, Harish Kandasamy, Nagarajan |
| description | The monitoring and management of high-volume feature-rich traffic in large
networks offers significant challenges in storage, transmission and
computational costs. The predominant approach to reducing these costs is based
on performing a linear mapping of the data to a low-dimensional subspace such
that a certain large percentage of the variance in the data is preserved in the
low-dimensional representation. This variance-based subspace approach to
dimensionality reduction forces a fixed choice of the number of dimensions, is
not responsive to real-time shifts in observed traffic patterns, and is
vulnerable to normal traffic spoofing. Based on theoretical insights proved in
this paper, we propose a new distance-based approach to dimensionality
reduction motivated by the fact that the real-time structural differences
between the covariance matrices of the observed and the normal traffic is more
relevant to anomaly detection than the structure of the training data alone.
Our approach, called the distance-based subspace method, allows a different
number of reduced dimensions in different time windows and arrives at only the
number of dimensions necessary for effective anomaly detection. We present
centralized and distributed versions of our algorithm and, using simulation on
real traffic traces, demonstrate the qualitative and quantitative advantages of
the distance-based subspace approach. |
| doi_str_mv | 10.48550/arxiv.1606.04552 |
| format | Article |
| fullrecord | <record><control><sourceid>arxiv_GOX</sourceid><recordid>TN_cdi_arxiv_primary_1606_04552</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>1606_04552</sourcerecordid><originalsourceid>FETCH-LOGICAL-a672-e4746bb5e7374d2b9eaba495751a8b5407eaad8f1b7dda640fd2d625300c3d503</originalsourceid><addsrcrecordid>eNotz8tOwzAUBFBvWKDCB7DCP5Dg-Jkuo4aXVBWEso-u42thKYkj1zzy90DLajSzGOkQclOxUtZKsTtI3-GzrDTTJZNK8Uvy2tADftFmWVKE4Z3mSNsw4XwMcYYx5JW-ofsY8m-lPibazHGCcaUtZjyvYaYtZKBdAu_DcEUuPIxHvP7PDeke7rvdU7F_eXzeNfsCtOEFSiO1tQqNMNJxu0WwILfKqApqqyQzCOBqX1njHGjJvONOcyUYG4RTTGzI7fn2ROqXFCZIa_9H60808QPqO0k8</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>A New Approach to Dimensionality Reduction for Anomaly Detection in Data Traffic</title><source>arXiv.org</source><creator>Huang, Tingshan ; Sethu, Harish ; Kandasamy, Nagarajan</creator><creatorcontrib>Huang, Tingshan ; Sethu, Harish ; Kandasamy, Nagarajan</creatorcontrib><description>The monitoring and management of high-volume feature-rich traffic in large
networks offers significant challenges in storage, transmission and
computational costs. The predominant approach to reducing these costs is based
on performing a linear mapping of the data to a low-dimensional subspace such
that a certain large percentage of the variance in the data is preserved in the
low-dimensional representation. This variance-based subspace approach to
dimensionality reduction forces a fixed choice of the number of dimensions, is
not responsive to real-time shifts in observed traffic patterns, and is
vulnerable to normal traffic spoofing. Based on theoretical insights proved in
this paper, we propose a new distance-based approach to dimensionality
reduction motivated by the fact that the real-time structural differences
between the covariance matrices of the observed and the normal traffic is more
relevant to anomaly detection than the structure of the training data alone.
Our approach, called the distance-based subspace method, allows a different
number of reduced dimensions in different time windows and arrives at only the
number of dimensions necessary for effective anomaly detection. We present
centralized and distributed versions of our algorithm and, using simulation on
real traffic traces, demonstrate the qualitative and quantitative advantages of
the distance-based subspace approach.</description><identifier>DOI: 10.48550/arxiv.1606.04552</identifier><language>eng</language><subject>Computer Science - Cryptography and Security ; Computer Science - Learning ; Computer Science - Networking and Internet Architecture</subject><creationdate>2016-06</creationdate><rights>http://arxiv.org/licenses/nonexclusive-distrib/1.0</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>228,230,777,882</link.rule.ids><linktorsrc>$$Uhttps://arxiv.org/abs/1606.04552$$EView_record_in_Cornell_University$$FView_record_in_$$GCornell_University$$Hfree_for_read</linktorsrc><backlink>$$Uhttps://doi.org/10.48550/arXiv.1606.04552$$DView paper in arXiv$$Hfree_for_read</backlink></links><search><creatorcontrib>Huang, Tingshan</creatorcontrib><creatorcontrib>Sethu, Harish</creatorcontrib><creatorcontrib>Kandasamy, Nagarajan</creatorcontrib><title>A New Approach to Dimensionality Reduction for Anomaly Detection in Data Traffic</title><description>The monitoring and management of high-volume feature-rich traffic in large
networks offers significant challenges in storage, transmission and
computational costs. The predominant approach to reducing these costs is based
on performing a linear mapping of the data to a low-dimensional subspace such
that a certain large percentage of the variance in the data is preserved in the
low-dimensional representation. This variance-based subspace approach to
dimensionality reduction forces a fixed choice of the number of dimensions, is
not responsive to real-time shifts in observed traffic patterns, and is
vulnerable to normal traffic spoofing. Based on theoretical insights proved in
this paper, we propose a new distance-based approach to dimensionality
reduction motivated by the fact that the real-time structural differences
between the covariance matrices of the observed and the normal traffic is more
relevant to anomaly detection than the structure of the training data alone.
Our approach, called the distance-based subspace method, allows a different
number of reduced dimensions in different time windows and arrives at only the
number of dimensions necessary for effective anomaly detection. We present
centralized and distributed versions of our algorithm and, using simulation on
real traffic traces, demonstrate the qualitative and quantitative advantages of
the distance-based subspace approach.</description><subject>Computer Science - Cryptography and Security</subject><subject>Computer Science - Learning</subject><subject>Computer Science - Networking and Internet Architecture</subject><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2016</creationdate><recordtype>article</recordtype><sourceid>GOX</sourceid><recordid>eNotz8tOwzAUBFBvWKDCB7DCP5Dg-Jkuo4aXVBWEso-u42thKYkj1zzy90DLajSzGOkQclOxUtZKsTtI3-GzrDTTJZNK8Uvy2tADftFmWVKE4Z3mSNsw4XwMcYYx5JW-ofsY8m-lPibazHGCcaUtZjyvYaYtZKBdAu_DcEUuPIxHvP7PDeke7rvdU7F_eXzeNfsCtOEFSiO1tQqNMNJxu0WwILfKqApqqyQzCOBqX1njHGjJvONOcyUYG4RTTGzI7fn2ROqXFCZIa_9H60808QPqO0k8</recordid><startdate>20160614</startdate><enddate>20160614</enddate><creator>Huang, Tingshan</creator><creator>Sethu, Harish</creator><creator>Kandasamy, Nagarajan</creator><scope>AKY</scope><scope>GOX</scope></search><sort><creationdate>20160614</creationdate><title>A New Approach to Dimensionality Reduction for Anomaly Detection in Data Traffic</title><author>Huang, Tingshan ; Sethu, Harish ; Kandasamy, Nagarajan</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-a672-e4746bb5e7374d2b9eaba495751a8b5407eaad8f1b7dda640fd2d625300c3d503</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2016</creationdate><topic>Computer Science - Cryptography and Security</topic><topic>Computer Science - Learning</topic><topic>Computer Science - Networking and Internet Architecture</topic><toplevel>online_resources</toplevel><creatorcontrib>Huang, Tingshan</creatorcontrib><creatorcontrib>Sethu, Harish</creatorcontrib><creatorcontrib>Kandasamy, Nagarajan</creatorcontrib><collection>arXiv Computer Science</collection><collection>arXiv.org</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Huang, Tingshan</au><au>Sethu, Harish</au><au>Kandasamy, Nagarajan</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>A New Approach to Dimensionality Reduction for Anomaly Detection in Data Traffic</atitle><date>2016-06-14</date><risdate>2016</risdate><abstract>The monitoring and management of high-volume feature-rich traffic in large
networks offers significant challenges in storage, transmission and
computational costs. The predominant approach to reducing these costs is based
on performing a linear mapping of the data to a low-dimensional subspace such
that a certain large percentage of the variance in the data is preserved in the
low-dimensional representation. This variance-based subspace approach to
dimensionality reduction forces a fixed choice of the number of dimensions, is
not responsive to real-time shifts in observed traffic patterns, and is
vulnerable to normal traffic spoofing. Based on theoretical insights proved in
this paper, we propose a new distance-based approach to dimensionality
reduction motivated by the fact that the real-time structural differences
between the covariance matrices of the observed and the normal traffic is more
relevant to anomaly detection than the structure of the training data alone.
Our approach, called the distance-based subspace method, allows a different
number of reduced dimensions in different time windows and arrives at only the
number of dimensions necessary for effective anomaly detection. We present
centralized and distributed versions of our algorithm and, using simulation on
real traffic traces, demonstrate the qualitative and quantitative advantages of
the distance-based subspace approach.</abstract><doi>10.48550/arxiv.1606.04552</doi><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | DOI: 10.48550/arxiv.1606.04552 |
| ispartof | |
| issn | |
| language | eng |
| recordid | cdi_arxiv_primary_1606_04552 |
| source | arXiv.org |
| subjects | Computer Science - Cryptography and Security Computer Science - Learning Computer Science - Networking and Internet Architecture |
| title | A New Approach to Dimensionality Reduction for Anomaly Detection in Data Traffic |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-17T09%3A29%3A58IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-arxiv_GOX&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=A%20New%20Approach%20to%20Dimensionality%20Reduction%20for%20Anomaly%20Detection%20in%20Data%20Traffic&rft.au=Huang,%20Tingshan&rft.date=2016-06-14&rft_id=info:doi/10.48550/arxiv.1606.04552&rft_dat=%3Carxiv_GOX%3E1606_04552%3C/arxiv_GOX%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |