Title: Improving stability of PCA-based network anomaly detection by means of kernel-PCA

Authors: Christian Callegari; Lisa Donatini; Stefano Giordano; Michele Pagano

Addresses: CNIT and Department of Information Engineering, University of Pisa, Via Caruso 16, 56122 Pisa, Italy (all authors)

Abstract: In recent years, the problem of detecting anomalies and attacks by statistically inspecting the network traffic has been attracting more and more research efforts. As a result, many different solutions have been proposed. Nonetheless, the poor performance offered by the proposed detection methods, as well as the difficulty of properly tuning and training these systems, makes the detection of network anomalies still an open issue. In this paper, we address the problem by proposing a way to improve the performance of anomaly detection. In more detail, we propose a novel network anomaly detection method that, by means of kernel-PCA, is able to overcome the limitations of the 'classical' PCA-based methods, while retaining good performance in detecting network attacks and anomalies.

Keywords: intrusion detection system; network anomaly detection; kernel-PCA.

DOI: 10.1504/IJCSE.2018.089573

International Journal of Computational Science and Engineering, 2018 Vol. 16 No. 1, pp. 9-16

Received: 04 Sep 2013
Accepted: 28 Oct 2013

Published online: 31 Jan 2018
