Institutional Repository [SANDBOX]
Technical University of Crete
EN  |  EL

Search

Browse

My Space

In-network PCA and anomaly detection

Huang Ling, Nguyen XuanLong, Garofalakis Minos, Jordan Michael I., Joseph Anthony, Taft Nina

Full record


URI: http://purl.tuc.gr/dl/dias/ABF8CEBF-57C5-4563-B3FC-989DAAE7238B
Year 2006
Type of Item Conference Full Paper
License
Details
Bibliographic Citation L. Huang, X. Nguyen, M. Garofalakis, M. I. Jordan, A. Joseph and N. Taft, "In-network PCA and anomaly detection", in 20th Annual Conference on Neural Information Processing Systems, 2006.
Appears in Collections

Summary

We consider the problem of network anomaly detection in large distributed systems. In thissetting, Principal Component Analysis (PCA) has been proposed as a method for discoveringanomalies by continuously tracking the projection of the data onto a residual subspace.This method was shown to work well empirically in highly aggregated networks, that is,those with a limited number of large nodes and at coarse time scales. This approach, however,has scalability limitations. To overcome these limitations, we develop a PCA-basedanomaly detector in which adaptive local data filters send to a coordinator just enough datato enable accurate global detection. Our method is based on a stochastic matrix perturbationanalysis that characterizes the tradeoff between the accuracy of anomaly detection andthe amount of data communicated over the network.

Services

Statistics