Další formáty:
BibTeX
LaTeX
RIS
@article{1192777, author = {Drašar, Martin and Vizváry, Martin and Vykopal, Jan}, article_number = {4}, doi = {http://dx.doi.org/10.1002/nem.1867}, keywords = {similarity; anomaly detection; network flows}, language = {eng}, issn = {1055-7148}, journal = {International Journal of Network Management}, title = {Similarity as a central approach to flow-based anomaly detection}, url = {http://dx.doi.org/10.1002/nem.1867}, volume = {24}, year = {2014} }
TY - JOUR ID - 1192777 AU - Drašar, Martin - Vizváry, Martin - Vykopal, Jan PY - 2014 TI - Similarity as a central approach to flow-based anomaly detection JF - International Journal of Network Management VL - 24 IS - 4 SP - 318-336 EP - 318-336 PB - John Wiley & Sons, Ltd. SN - 10557148 KW - similarity KW - anomaly detection KW - network flows UR - http://dx.doi.org/10.1002/nem.1867 L2 - http://dx.doi.org/10.1002/nem.1867 N2 - Network flow monitoring is currently a common practice in mid and large-size networks. Methods of flow-based anomaly detection are subject to ongoing extensive research, because detection methods based on deep packet inspection have reached their limits. However, there is a lack of comprehensive studies mapping the state of the art in this area. For this reason, we have conducted a thorough survey of flow-based anomaly detection methods published on academic conferences and used by the industry. We have analyzed these methods using the perspective of similarity which is inherent to any anomaly detection method. Based on this analysis, we have proposed a new taxonomy of network anomalies and a similarity-oriented classification of flow-based detection methods. We have also identified four issues requiring further research: the lack of flow-based evaluation data sets, infeasible benchmarking of proposed methods, excessive false positive rate, and limited coverage of certain anomaly classes. ER -
DRAŠAR, Martin, Martin VIZVÁRY a Jan VYKOPAL. Similarity as a central approach to flow-based anomaly detection. \textit{International Journal of Network Management}. John Wiley \&{} Sons, Ltd., 2014, roč.~24, č.~4, s.~318-336. ISSN~1055-7148. Dostupné z: https://dx.doi.org/10.1002/nem.1867.
|