|
|
电子与信息学报 2011
Anomaly Detection Based on Network Module Structure
|
Abstract:
The large scale and high speed networks create massive data and have low detection accuracy. To address the problems, the idea “module” is brought from complex network into anomaly detection area. Firstly, the relations between network partition strategy and network detection accuracy are modeled, and a theoretically proof is given that partition strategy which based on network modularity is favorable for anomaly detection. Secondly, the module-based detection is proved that has higher detection rate and efficiency than network-based detection by theoretical analysis and experiments. Finally, by using flow-splitting and parallel processing technologies this approach can improve efficiency obviously.
