Skip to Main content Skip to Navigation
Conference papers

A Robust Anomaly Detection Technique Using Combined Statistical Methods

Abstract : Parametric anomaly detection is generally a three steps process where, in the first step a model of normal behavior is calibrated and thereafter, the obtained model is used in order to reduce the entropy of the observation. The second step generates an innovation process that is used in the third step to make a decision on the existence or not of an anomaly in the observed data. Under favorable conditions the innovation process is expected to be a Gaussian white noise. However, in practice, this is hardly the case as frequently the observed signals are not gaussian themselves. Moreover long range dependencies, as well as heavy tail in the observation can lead to important deviation from the normality and the independence in the innovation processes. This, results in the frequent observation that the decisions made assuming that the innovation process is a white and Gaussian results in a large false positive rate. In this paper we deal with the above issue. Our approach consists of not assuming anymore that the innovation process is Gaussian and white. In place we are assuming that the real distribution of the process is a mixture of Gaussian and that there are some time dependency in the innovation that we will capture by using a Hidden Markov Model. We therefore derive a new decision process and we show that this approach results into an important decrease of false alarm rates. We validate this approach over realistic traces.
Document type :
Conference papers
Complete list of metadatas

Cited literature [20 references]  Display  Hide  Download

https://hal.archives-ouvertes.fr/hal-00620018
Contributor : Salamatian Kavé <>
Submitted on : Wednesday, September 7, 2011 - 10:06:07 AM
Last modification on : Tuesday, January 21, 2020 - 10:03:20 AM
Document(s) archivé(s) le : Thursday, December 8, 2011 - 2:22:53 AM

File

1569401781.pdf
Files produced by the author(s)

Identifiers

Citation

Joseph Ndong, Kavé Salamatian. A Robust Anomaly Detection Technique Using Combined Statistical Methods. Ninth Annual Communication Networks and Services Research Conference (CNSR), 2011, May 2011, Ottawa, Canada. pp.101 - 108, ⟨10.1109/CNSR.2011.23⟩. ⟨hal-00620018⟩

Share

Metrics

Record views

356

Files downloads

2917