A Sparse Bayesian Framework for Anomaly Detection in Heterogeneous Networks
Document Type
Conference Proceeding
Publication Date
12-1-2012
Abstract
The capability to detect anomalous states in a network is important for both the smooth operation of the network and the security of the network. Modern networks are often heterogeneous. This raises a new challenge for anomaly detection, as there may be a wide variety of anomalous activities across the heterogeneous components of a network. We often seek a detection system that not only performs accurate anomaly detection but also provides mechanisms for human expert to understand the decision making process inside the system. In this paper, we investigate the application of sparse Bayesian methods for anomaly detection in such scenario. By taking advantage of the sparse Bayesian framework's capability to conduct automatic relevance discovery, we construct a detection system whose decision making is mostly based on a few representative examples from the training set. This provides human interpretability as expert can analyze the representative examples to understand the detection mechanism. Our experiment results show the potential of this approach.
Publication Source (Journal or Book title)
Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
First Page
75
Last Page
87
Recommended Citation
Zhang, J., & Kannan, R. (2012). A Sparse Bayesian Framework for Anomaly Detection in Heterogeneous Networks. Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST, 74 LNICST, 75-87. https://doi.org/10.1007/978-3-642-29222-4_6
