Provided by: Association for Computing Machinery
Date Added: Aug 2015
In this paper, the authors challenge the applicability of entropy-based approaches for detecting and diagnosis network traffic anomalies and claim that full statistics (i.e., empirical probability distributions) should be applied to improve the change detection capabilities. They support their claim by detecting and diagnosing large-scale traffic anomalies in a real cellular network, caused by specific OTT (Over The Top) services and Smartphone devices. Their results clearly suggest that anomaly detection and diagnosis based on entropy analysis is prone to errors and misses typical characteristics of traffic anomalies, particularly in the studied scenario.