Network traffic anomalies refer to the traffic changed abnormally and obviously.Local events such as temporary network congestion,Distributed Denial of Service(DDoS)attack and large-scale scan,or global events such as...Network traffic anomalies refer to the traffic changed abnormally and obviously.Local events such as temporary network congestion,Distributed Denial of Service(DDoS)attack and large-scale scan,or global events such as abnormal network routing,can cause network anomalies.Network anomaly detection and analysis are very important to Computer Security Incident Response Teams(CSIRT).But wide-scale traffic anomaly detection requires extracting anomalous modes from large amounts of high-dimensional noise-rich data,and interpreting the modes;so,it is very difficult.This paper proposes a general method based on Principle Component Analysis(PCA)to analyze network anomalies.This method divides the traffic matrix into normal and anomalous subspaces,maps traffic vectors into the normal subspace,gets the distance from detected vector to average normal vector,and detects anomalies based on that distance.展开更多
To meet the needs of transportation systems for smart scenic security services,real-time detection and identification of traffic anomalies with high accuracy is essential.Based on the multi-objective sparse optical fl...To meet the needs of transportation systems for smart scenic security services,real-time detection and identification of traffic anomalies with high accuracy is essential.Based on the multi-objective sparse optical flow estimation method based on KLT algorithm,an improved algorithm for robust sparse optical flow is designed.The Forward-Backward error calculation method was used to eliminate the error optical flow generated by the KLT algorithm and the robustness of optical flow was improved.The proposed algorithm was verified by the actual traffic scene monitoring example,and the anomaly detection accuracy is above 80%.Furthermore,it has good detection effect on the benchmark dataset.展开更多
基金This work was funded by the High-tech Research and Development Program of China (863 Program) under Grant 2006II01Z451.
文摘Network traffic anomalies refer to the traffic changed abnormally and obviously.Local events such as temporary network congestion,Distributed Denial of Service(DDoS)attack and large-scale scan,or global events such as abnormal network routing,can cause network anomalies.Network anomaly detection and analysis are very important to Computer Security Incident Response Teams(CSIRT).But wide-scale traffic anomaly detection requires extracting anomalous modes from large amounts of high-dimensional noise-rich data,and interpreting the modes;so,it is very difficult.This paper proposes a general method based on Principle Component Analysis(PCA)to analyze network anomalies.This method divides the traffic matrix into normal and anomalous subspaces,maps traffic vectors into the normal subspace,gets the distance from detected vector to average normal vector,and detects anomalies based on that distance.
基金Xaar Network Next Generation Internet Technology Innovation Project(No.NGII20180901)the Major special project of science and technology of Guangxi(No.AA18118047-7).
文摘To meet the needs of transportation systems for smart scenic security services,real-time detection and identification of traffic anomalies with high accuracy is essential.Based on the multi-objective sparse optical flow estimation method based on KLT algorithm,an improved algorithm for robust sparse optical flow is designed.The Forward-Backward error calculation method was used to eliminate the error optical flow generated by the KLT algorithm and the robustness of optical flow was improved.The proposed algorithm was verified by the actual traffic scene monitoring example,and the anomaly detection accuracy is above 80%.Furthermore,it has good detection effect on the benchmark dataset.