
Xuejiao Liu, Yingjie Xia, Yanbo Wang and Jing Ren. Discovering anomaly on the basis of flow estimation of alert feature distribution. Security and Communication Networks 7.

Version of Record online: 12 SEP 2013 | DOI: 10.1002/sec.855


To capture abnormal bursts in the alert flow, we use the Kullback-Leibler distance to compare the observed distributions of a number n of different alert features against a reference distribution, which is derived from historical data and user expertise. Using a well-defined threshold, we perform threshold detection on the Kullback-Leibler distance of several features. Upon detecting an anomaly, we use the union of the data provided by the n features to identify a set of suspicious flows.
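The detection loop described in the abstract can be sketched as follows; this is an added example, not the authors' code. The feature names, the smoothing constant, the 0.5-bit threshold, the "twice the reference frequency" rule for picking the values an anomalous feature contributes, and the sample alerts are all assumptions made for illustration, and alerts stand in for flows.

```python
import math
from collections import Counter

FEATURES = ("src_ip", "dst_port", "signature")  # assumed alert features (n = 3)

def alert(src_ip, dst_port, signature):
    return {"src_ip": src_ip, "dst_port": dst_port, "signature": signature}

# Constructed sample data (not from the paper): a historical reference window
# and an observation window containing a burst from one source to port 445.
REFERENCE = [alert(f"192.0.2.{i % 4 + 1}", (22, 80, 443)[i % 3],
                   ("scan", "login-fail")[i % 2]) for i in range(120)]
OBSERVED = REFERENCE[:40] + [alert("198.51.100.7", 445, "scan")] * 60

def distribution(alerts, feature, support, eps=1e-6):
    """Relative frequency of each value, smoothed so unseen values are non-zero."""
    counts = Counter(a[feature] for a in alerts)
    total = len(alerts) + eps * len(support)
    return {v: (counts[v] + eps) / total for v in support}

def kl_distance(p, q):
    """Kullback-Leibler distance D(p || q) in bits over a shared support."""
    return sum(p[v] * math.log2(p[v] / q[v]) for v in p)

def detect(reference, observed, threshold=0.5):
    """Return per-feature KL distances and indices of suspicious observed alerts."""
    scores, suspicious = {}, set()
    for f in FEATURES:
        support = {a[f] for a in reference} | {a[f] for a in observed}
        q = distribution(reference, f, support)
        p = distribution(observed, f, support)
        scores[f] = kl_distance(p, q)
        if scores[f] > threshold:
            # Assumption: values at least twice as frequent as in the reference
            # are what the anomalous feature "provides"; the union accumulates.
            hot = {v for v in support if p[v] > 2 * q[v]}
            suspicious |= {i for i, a in enumerate(observed) if a[f] in hot}
    return scores, suspicious

if __name__ == "__main__":
    scores, suspicious = detect(REFERENCE, OBSERVED)
    for f, d in scores.items():
        print(f"{f:10s} KL = {d:6.3f} bits")
    print(len(suspicious), "suspicious alerts")
```

In the constructed data the signature feature shifts but stays under the threshold, so only the source address and destination port contribute to the suspicious set.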
