Degree-based Outlier Detection within IP Traffic Modelled as a Link Stream

Abstract : This paper aims at precisely detecting and identifying anomalous events in IP traffic. To this end, we adopt the link stream formalism which properly captures temporal and structural features of the data. Within this framework, we focus on finding anomalous behaviours with respect to the degree of IP addresses over time. Due to diversity in IP profiles, this feature is typically distributed heterogeneously, preventing us to directly find anomalies. To deal with this challenge, we design a method to detect outliers as well as precisely identify their cause in a sequence of similar heterogeneous distributions. We apply it to several MAWI captures of IP traffic and we show that it succeeds in detecting relevant patterns in terms of anomalous network activity.
Complete list of metadatas

Cited literature [52 references]  Display  Hide  Download

https://hal.archives-ouvertes.fr/hal-02172934
Contributor : Lionel Tabourier <>
Submitted on : Thursday, July 4, 2019 - 10:18:51 AM
Last modification on : Friday, July 12, 2019 - 1:31:32 AM

File

cn_degree_based.pdf
Files produced by the author(s)

Identifiers

Citation

Audrey Wilmet, Tiphaine Viard, Matthieu Latapy, Robin Lamarche-Perrin. Degree-based Outlier Detection within IP Traffic Modelled as a Link Stream. Computer Networks, Elsevier, 2019, 161, pp.197-209. ⟨10.1016/j.comnet.2019.07.002⟩. ⟨hal-02172934⟩

Share

Metrics

Record views

79

Files downloads

50