Detecting Network Traffic Anomalies

If you have a question about this talk, please contact Stephen Clark.

Unwanted events such as attacks, misconfigurations and failures can cause significant disruptions in day-to-day network operations. Effective management and mitigation of these events is predicated on fast and accurate identification. One way to identify these events is to apply an anomaly detection algorithm to network traffic streams. In this talk, I will describe the basic framework for anomaly detection in network traffic, and provide perspective on standard anomaly detection methods and why they have not been widely deployed. I will then describe a new flexible but precise anomaly detection method that we have recently developed called BasisDetect. Using a small dataset with labeled anomalies, our framework uses a novel basis pursuit algorithm to enable detection of a large class of anomalies in different types of network data, both from a single-source and a network-wide perspective. Using a combination of synthetic and real-world data, I will show that BasisDetect significantly reduces false alarms versus other anomaly detection methods.

This talk is part of the Computer Laboratory Wednesday Seminars series.


© 2006-2020 Talks.cam, University of Cambridge.