TY - GEN
T1 - Collaborative network traffic analysis via alternating direction method of multipliers
AU - Lu, Liangfu
AU - Huang, Zhenghai
AU - Zhang, Xuyun
AU - Qi, Lianyong
AU - Chen, Sicong
AU - Wu, Yao
PY - 2018
Y1 - 2018
N2 - As one of the hot issues in research on complicated networks, collaborative network traffic analysis plays a core role in improving network performance, analyzing network behaviors and predicting abnormal traffic, especially from large-scale network data sets. Several approaches to flow-level traffic data analysis have been proposed for analyzing the structure and situation of the network. In contrast to the state of the art, we first propose a new decomposition model based on the alternating direction method of multipliers for packet-level traffic data. In addition, we present the iterative scheme of the algorithm for the network anomaly detection problem, which is termed NTA-ADMM. Based on this approach, we can carry out intrusion detection on packet-level network traffic data, whether or not it is polluted by noise. Finally, we design a prototype system for detecting network anomalies such as unauthorized access from a remote machine to a local machine (R2L) attacks. The experiments show that our approach is effective in revealing the patterns of network traffic data and detecting attacks in large-scale network traffic. Moreover, the experiments demonstrate the robustness of the algorithm even when the network traffic is polluted by large-volume anomalies and noise.
KW - Collaborative Network security
KW - Network traffic analysis
KW - Anomaly detection
KW - Alternating direction method of multipliers
UR - http://www.scopus.com/inward/record.url?scp=85054413787&partnerID=8YFLogxK
U2 - 10.1109/CSCWD.2018.8465367
DO - 10.1109/CSCWD.2018.8465367
M3 - Conference proceeding contribution
SN - 9781538614839
T3 - International Conference on Computer Supported Cooperative Work in Design
SP - 547
EP - 552
BT - Proceedings of the 2018 IEEE 22nd International Conference on Computer Supported Cooperative Work in Design
A2 - Barthes, Jean-Paul
A2 - Zhu, Haibin
A2 - Luo, Junzhou
A2 - Shen, Weiming
A2 - Zhang, Jinghui
A2 - Dong, Fang
PB - Institute of Electrical and Electronics Engineers (IEEE)
T2 - 22nd IEEE International Conference on Computer Supported Cooperative Work in Design (CSCWD)
Y2 - 9 May 2018 through 11 May 2018
ER -