The number and impact of attacks over the Internet have been continuously increasing in recent years, pushing the focus of many research activities towards the development of effective techniques to promptly detect and identify anomalies in network traffic. In this paper, we propose a performance comparison between two different histogram-based anomaly detection methods, which use either the Euclidean distance or the entropy to measure the deviation from normal behaviour. The analysis has been carried out taking into consideration different traffic features. The experimental results, obtained by testing our systems on the publicly available MAWILab dataset, point out that both the applied method and the chosen descriptor strongly impact the detection performance.
Callegari, C., Giordano, S., & Pagano, M. (2016). Statistical network anomaly detection: An experimental study. In Communications in Computer and Information Science (Vol. 670, pp. 12–25). Springer Verlag. https://doi.org/10.1007/978-3-319-48021-3_2