
Performance Analysis of Network Anomaly Detection Systems in Consumer Networks

  • P. Darsh
  • R. Rahul
Conference paper
Part of the Lecture Notes in Networks and Systems book series (LNNS, volume 127)

Abstract

The number of smart home appliances in use, such as intelligent thermostats, Internet-connected baby monitors, and lights, has increased significantly, and these devices have been the target of a number of cyber-attacks to date. Using only fundamental network information such as source and destination ports, packet sizes, TCP flags, and the time between subsequent packets, the features necessary to detect the aforementioned anomalies can be extracted. This paper aims to analyze some critical operating system performance metrics when detecting such anomalies. It also presents a taxonomy of various approaches to classifying anomalies and a detailed description of capturing and cleaning network packets.

Keywords

Anomaly detection, IoT, Machine learning

Copyright information

© The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021

Authors and Affiliations

  1. School of Computing Science and Engineering, Vellore Institute of Technology, Vellore, India
