Anomaly detection algorithm of large scale network based on wavelet deviation
1. School of Computer Science and Technology, Nanjing University of Science and Technology, Nanjing, Jiangsu 210094, China; 2. Network Center, Jiangsu University, Zhenjiang, Jiangsu 212013, China)
Abstract:In view of the shortcomings of traditional anomaly detection algorithms in large-scale high-speed network, such as lacks of efficiency and extensibility and so on, a new anomaly detection algorithm was proposed. Large-scale high-speed network traffic was processed as signal, which can be decomposed into high, middle and low frequency bands. Then the key bands affecting network traffic were processed through the wavelet deviation algorithm. Eventually the deviation's distribution within different time windows was derived, which can highlight anomalies. The experiments show the effectiveness, feasibility and high detection efficiency of the algorithm, which can be used to build an on-line real-time automatic anomaly detection system in large-scale high-speed network.