Sciweavers

RAID
2009
Springer

Adaptive Anomaly Detection via Self-calibration and Dynamic Updating

14 years 7 months ago
Adaptive Anomaly Detection via Self-calibration and Dynamic Updating
The deployment and use of Anomaly Detection (AD) sensors often requires the intervention of a human expert to manually calibrate and optimize their performance. Depending on the site and the type of traffic it receives, the operators might have to provide recent and sanitized training data sets, the characteristics of expected traffic (i.e. outlier ratio), and exceptions or even expected future modifications of system’s behavior. In this paper, we study the potential performance issues that stem from fully automating the AD sensors’ day-to-day maintenance and calibration. Our goal is to remove the dependence on human operator using an unlabeled, and thus potentially dirty, sample of incoming traffic. To that end, we propose to enhance the training phase of AD sensors with a self-calibration phase, leading to the automatic determination of the optimal AD parameters. We show how this novel calibration phase can be employed in conjunction with previously proposed methods for train...
Gabriela F. Cretu-Ciocarlie, Angelos Stavrou, Mich
Added 27 May 2010
Updated 27 May 2010
Type Conference
Year 2009
Where RAID
Authors Gabriela F. Cretu-Ciocarlie, Angelos Stavrou, Michael E. Locasto, Salvatore J. Stolfo
Comments (0)