State of the Art Literature Review on Network Anomaly Detection

Anomaly detection in computer networks is a complex task that requires the distinction of normality and anomaly. Network attack detection in information systems is a constant challenge in computer security research, as information systems provide essential services for enterprises and individuals. The consequences of these attacks could be the access, disclosure, or modification of information, as well as denial of computer services and resources. Intrusion Detection Systems (IDS) are developed as solutions to detect anomalous behavior, such as denial of service, and backdoors. The proposed model was inspired by the behavior of dendritic cells and their interactions with the human immune system, known as Dendritic Cell Algorithm (DCA), and combines the use of Multiresolution Analysis (MRA) Maximal Overlap Discrete Wavelet Transform (MODWT), as well as the segmented deterministic DCA approach (S-dDCA). The proposed approach is a binary classifier that aims to analyze a time-frequency representation of time-series data obtained from high-level network features, in order to classify data as normal or anomalous. The MODWT was used to extract the approximations of two input signal categories at different levels of decomposition, and are used as processing elements for the multi resolution DCA. The model was evaluated using the NSL-KDD, UNSW-NB15, CIC-IDS2017 and CSE-CIC-IDS2018 datasets, containing contemporary network traffic and attacks. The proposed MRA S-dDCA model achieved an accuracy of 97.37%, 99.97%, 99.56%, and 99.75% for the tested datasets, respectively. Comparisons with the DCA and state-of-the-art approaches for network anomaly detection are presented. The proposed approach was able to surpass state-of-the-art approaches with UNSW-NB15 and CSECIC-IDS2018 datasets, whereas the results obtained with the NSL-KDD and CIC-IDS2017 datasets are competitive with machine learning approaches.

Download Full-text

Cyber situational awareness through network anomaly detection: state of the art and new approaches

e & i Elektrotechnik und Informationstechnik ◽

10.1007/s00502-015-0287-4 ◽

2015 ◽

Vol 132 (2) ◽

pp. 101-105 ◽

Cited By ~ 7

Author(s):

Ivo Friedberg ◽

Florian Skopik ◽

Roman Fiedler

Keyword(s):

Anomaly Detection ◽

Situational Awareness ◽

State Of The Art ◽

New Approaches ◽

Network Anomaly Detection

Download Full-text

A DOUBLE-SHRINK AUTOENCODER FOR NETWORK ANOMALY DETECTION

Journal of Computer Science and Cybernetics ◽

10.15625/1813-9663/36/2/14578 ◽

2020 ◽

Vol 36 (2) ◽

pp. 159-172

Author(s):

Cong Thanh Bui ◽

Loi Cao Van ◽

Minh Hoang ◽

Quang Uy Nguyen

Keyword(s):

Machine Learning ◽

Anomaly Detection ◽

State Of The Art ◽

The State ◽

The Internet ◽

Learning Methods ◽

Network Attacks ◽

Machine Learning Methods ◽

Pull Out ◽

Network Anomaly Detection

The rapid development of the Internet and the wide spread of its applications has affected many aspects of our life. However, this development also makes the cyberspace more vulnerable to various attacks. Thus, detecting and preventing these attacks are crucial for the next development of the Internet and its services. Recently, machine learning methods have been widely adopted in detecting network attacks. Among many machine learning methods, AutoEncoders (AEs) are known as the state-of-the-art techniques for network anomaly detection. Although, AEs have been successfully applied to detect many types of attacks, it is often unable to detect some difficult attacks that attempt to mimic the normal network traffic. In order to handle this issue, we propose a new model based on AutoEncoder called Double-Shrink AutoEncoder (DSAE). DSAE put more shrinkage on the normal data in the middle hidden layer. This helps to pull out some anomalies that are very similar to normal data. DSAE are evaluated on six well-known network attacks datasets. The experimental results show that our model performs competitively to the state-of-the-art model, and often out-performs this model on the attacks group that is difficult for the previous methods.

Download Full-text

A Systematic Literature Review of the EFQM Excellence Model from 1991 to 2019

International Journal of Applied Research in Management and Economics ◽

10.33422/ijarme.v2i2.211 ◽

1970 ◽

Vol 2 (2) ◽

pp. 11-15

Author(s):

Muhammad Yousaf ◽

Petr Bris

Keyword(s):

Quality Management ◽

Data Collection ◽

Literature Review ◽

Systematic Literature Review ◽

Quantitative Research ◽

Web Of Science ◽

State Of The Art ◽

Future Research ◽

European Foundation ◽

The Subject

A systematic literature review (SLR) from 1991 to 2019 is carried out about EFQM (European Foundation for Quality Management) excellence model in this paper. The aim of the paper is to present state of the art in quantitative research on the EFQM excellence model that will guide future research lines in this field. The articles were searched with the help of six strings and these six strings were executed in three popular databases i.e. Scopus, Web of Science, and Science Direct. Around 584 peer-reviewed articles examined, which are directly linked with the subject of quantitative research on the EFQM excellence model. About 108 papers were chosen finally, then the purpose, data collection, conclusion, contributions, and type of quantitative of the selected papers are discussed and analyzed briefly in this study. Thus, this study identifies the focus areas of the researchers and knowledge gaps in empirical quantitative literature on the EFQM excellence model. This article also presents the lines of future research.

Download Full-text

Improved negative selection algorithm for network anomaly detection on high-dimensional data

Journal of Computer Applications ◽

10.3724/sp.j.1087.2009.00805 ◽

2009 ◽

Vol 29 (3) ◽

pp. 805-807 ◽

Cited By ~ 1

Author(s):

Wen-zhong GUO ◽

Guo-long CHEN ◽

Qing-liang CHEN

Keyword(s):

Anomaly Detection ◽

Negative Selection ◽

High Dimensional Data ◽

High Dimensional ◽

Selection Algorithm ◽

Negative Selection Algorithm ◽

Network Anomaly Detection

Download Full-text

Network anomaly detection based on selective ensemble algorithm

The Journal of Supercomputing ◽

10.1007/s11227-020-03374-z ◽

2020 ◽

Author(s):

Hongle Du ◽

Yan Zhang

Keyword(s):

Anomaly Detection ◽

Selective Ensemble ◽

Ensemble Algorithm ◽

Network Anomaly Detection

Download Full-text

Costs and Benefits of Autonomous Shipping—A Literature Review

Applied Sciences ◽

10.3390/app11104553 ◽

2021 ◽

Vol 11 (10) ◽

pp. 4553

Author(s):

Ewelina Ziajka-Poznańska ◽

Jakub Montewka

Keyword(s):

Literature Review ◽

Business Models ◽

Financial Models ◽

State Of The Art ◽

Costs And Benefits ◽

Capital Costs ◽

Research Activities ◽

Benefit Estimation ◽

Autonomous Ship ◽

The Cost

The development of autonomous ship technology is currently in focus worldwide and the literature on this topic is growing. However, an in-depth cost and benefit estimation of such endeavours is in its infancy. With this systematic literature review, we present the state-of-the-art system regarding costs and benefits of the operation of prospective autonomous merchant ships with an objective for identifying contemporary research activities concerning an estimation of operating, voyage, and capital costs in prospective, autonomous shipping and vessel platooning. Additionally, the paper outlines research gaps and the need for more detailed business models for operating autonomous ships. Results reveal that valid financial models of autonomous shipping are lacking and there is significant uncertainty affecting the cost estimates, rendering only a reliable evaluation of specific case studies. The findings of this paper may be found relevant not only by academia, but also organisations considering to undertake a challenge of implementing Maritime Autonomous Surface Ships in their operations.

Download Full-text