Leveraging a Probabilistic PCA Model to Understand the Multivariate Statistical Network Monitoring Framework for Network Security Anomaly Detection

A Mixture Probabilistic PCA Model for Multivariate Manufacturing Processes Monitoring

− A mixture probabilistic Principal Component Analysis (PCA) model is proposed as a multivariate process monitoring tool in this paper. High dimensional measurement data could be aggregated into some clusters based on the mixture distribution model, where the number of these clusters is automatically determined by the maximum likelihood estimation procedure. The multivariate statistical process...

Multivariate SVD Analyses For Network Anomaly Detection

We are investigating the use of signals analysis methods for near real-time anomaly and intrusion detection. Recently, methods such as wavelet analysis [1], and principle component analysis [2-4] have been applied to network measurement data as a means for automatically detecting anomalies in networks. Anomalies have included both local events such as flash crowds, as well as global events such...

In-Network PCA and Anomaly Detection

We consider the problem of network anomaly detection in large distributed systems. In this setting, Principal Component Analysis (PCA) has been proposed as a method for discovering anomalies by continuously tracking the projection of the data onto a residual subspace. This method was shown to work well empirically in highly aggregated networks, that is, those with a limited number of large node...

Distributed PCA and Network Anomaly Detection

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission....

Statistical Approaches for Network Anomaly Detection