AnomBench: A Benchmark for Volume-Based Internet Anomaly Detection

Free registration required

Executive Summary

Developing algorithms to detect anomalies in network traffic is an important goal to achieve secure and efficient operation of the Internet. To evaluate different algorithms, it is crucial to have a set of standardized test cases. The authors propose a benchmark suite called "AnomBench" that consists of sixteen different traffic scenarios that contain various different traffic anomalies. They describe why these scenarios are representative and show the results of a prototype implementation on DETERlab. Anomaly detection is an important aspect of network operation in the Internet. Network operators need to be aware of unusual traffic that may case security breaches, performance degradation, and other problems.

  • Format: PDF
  • Size: 439.63 KB