Traffic Anomaly Detection
Publication Date: October 2015 Hardback 70 pp.
The authors present an overview of traffic anomaly detection analysis, which allows us to monitor security aspects of multimedia services, as well as the algorithms proposed for this analysis. In addition, an empirical comparative analysis of those methods is made and a new information-theory based technique called “typical day analysis" is determined.
The first chapter presents the change point detection algorithms that are considered in this book. The CUmulative SUM (CUSUM) control chart is introduced, as are two tests of goodness-of-fit: Pearson's Chi-squared and Kolmogorov-Smirnov tests and Mutual Information (mutual dependency between variables). These algorithms are used in the subsequent chapters to detect traffic anomalies in multimedia traffic.
Chapter 2 studies the periodic behavior of traffic in order to determine significant traffic variations that may reveal how changes in time are statistically significant, which in turn will find the optimal aggregation period.
In Chapter 3, the authors analyze how the different algorithms behave in detecting changing points. They present a deep analysis of the multimedia-monitored traffic to understand how traffic behaves throughout the day to compare the traffic anomaly detection methods.
Finally, in Chapter 4, a new information-theory technique is proposed: the authors present the “typical day profile” technique and its application to the change point detection field. This constitutes a new information-theory based technique that analyzes the traffic pattern over a typical 24-hour day.
1. Introduction to Traffic Anomaly.
2. Finding the Optimal Aggregation Period.
3. Comparative Analysis of Traffic Anomaly Detection Methods.
4. Proposal of a New Information-theory Technique.
About the Authors
Antonio Cuadra-Sánchez works as a research project manager and technology advisor for QoS and QoE at Indra Sistemas, S.A., in Spain. Previously he worked as a technology specialist at Telefonica R&D for 10 years. He has taught different courses on signalling protocols and networks (SS7, GSM, GPRS, UMTS, IMS,IPTV and OTT) for the Telefonica Group, and has also coordinated various international research projects (Eureka Celtic Plus) and standardization programs (TM Forum).
Javier Aracil is Full Professor at Universidad Autonoma de Madrid, Spain. He has previously been an Associate Professor for University of Cantabria and Public University of Navarra. In 1995 he was awarded with a Fulbright scholarship and was appointed a Postdoctoral Researcher at the University of California, Berkeley, and in 1998 he was a research scholar at University of Texas at Dallas. He is also one of the founding partners of the spin-off company Naudit HPCN.