Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
INFOCOM
2010
IEEE
2010
IEEE
A Signal Processing View on Packet Sampling and Anomaly Detection
—Anomaly detection methods typically operate on pre-processed, i.e., sampled and aggregated, traffic traces. Most traffic capturing devices today employ random packet sampling, where each packet is selected with a certain probability, to cope with increasing link speeds. Temporal aggregation, where all packets in a measurement interval are represented by their temporal mean, is then applied to transform the traffic trace to the observation timescale of interest. These pre-processing steps affect the temporal correlation structure of traffic that is used by anomaly detection methods (e.g., Kalman filter, PCA), and have thus an impact on anomaly detection performance. Prior work has analyzed how packet sampling degrades the accuracy of anomaly detection methods; however, neither theoretical explanations nor solutions to the sampling problem have been provided. This paper makes the following key contributions: (i) It provides a thorough analysis and quatification of how packet sam...
Real-time Traffic| Added | 28 Jan 2011 |
| Updated | 28 Jan 2011 |
| Type | Journal |
| Year | 2010 |
| Where | INFOCOM |
| Authors | Daniela Brauckhoff, Kavé Salamatian, Martin May |
Comments (0)
Researcher Info
|
