Performance Analysis of Network Anomaly Detection Systems in Consumer Networks

  • P. Darsh
  • R. Rahul
Conference paper
Part of the Lecture Notes in Networks and Systems book series (LNNS, volume 127)


There has been a significant increase in the number of smart home appliances in use, such as intelligent thermostats, Internet-connected baby monitors, and lights; these devices have been the target of a number of cyber-attacks to date. Using only fundamental network information such as source and destination ports, packet sizes, TCP flags, and the time between subsequent packets, the features necessary to detect the aforementioned anomalies can be extracted. This paper aims to analyze some critical operating system performance metrics when detecting such anomalies. It also includes a taxonomy of various approaches to classifying anomalies and a detailed description of capturing and cleaning network packets.


Anomaly detection, IoT, Machine learning



Copyright information

© The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021

Authors and Affiliations

  1. School of Computing Science and Engineering, Vellore Institute of Technology, Vellore, India
