Anomaly Detection in Computer Networks:

2 Department Computer Security Lab (CSec Lab), alessio.merlo@unige.it
3 DEI - University of Padova, Padova, 35131, Italy, mauro.migliardi@unipd.it

Abstract

The
everlasting challenge of detecting and mitigating failures in computer
networks has become more essential than ever, especially with the enormous
number of smart devices that get connected to all sorts of networks every day.
Whether the root cause of a given anomaly is a security breach, a component
failure, an environmental factor, or even any combination of these reasons,
anomalies need to be detected and mitigated promptly and properly. In this
paper, we review and evaluate the state-of-the-art studies on the problem of
anomaly detection in computer networks. We provide an elaborate description
of the anomaly detection problem, and depict the different categorizations of
its solutions. We also illustrate some recent state-of-the-art solutions on
the network level, and depict current trends in handling malware-induced
anomalies in smartphone networks. Additionally, we evaluate the presented
solutions and highlight their shortcomings.

Keywords: Anomaly Detection, Network-level Detection, Application-level Detection,

Corresponding author: Alessio Merlo, Computer Security Lab, DIBRIS, University of Genova, Viale F. Causa, 13, 16145, Genova.

Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), Vol. 5, No. 4, pp. 29-64, December 2014