Anomaly Detection in Network Traffic Using Jensen-Shannon Divergence
Anomaly detection in high speed networks is well known to be a challenging problem. It requires generally the analysis of a huge amount of data with high accuracy and low complexity. In this paper, the authors propose an anomaly detection mechanism against flooding attacks in high speed networks. The proposed mechanism is based on Jensen-Shannon divergence metric over sketch data structure. This sketch is used to reduce the required memory, while monitoring the traffic, by maintaining them into a predefined fixed size of hash tables. This sketch is also used to develop a probabilistic model.