{"created":"2023-06-20T13:22:10.983729+00:00","id":2686,"links":{},"metadata":{"_buckets":{"deposit":"cf725790-429f-4be8-8afc-def7df32a0bf"},"_deposit":{"created_by":21,"id":"2686","owners":[21],"pid":{"revision_id":0,"type":"depid","value":"2686"},"status":"published"},"_oai":{"id":"oai:ir.soken.ac.jp:00002686","sets":["2:429:19"]},"author_link":["0","0","0"],"item_1_creator_2":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"FONTUGNE, Romain Thibault"}],"nameIdentifiers":[{"nameIdentifier":"0","nameIdentifierScheme":"WEKO"}]}]},"item_1_creator_3":{"attribute_name":"フリガナ","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"フォンテュニュ, ロマン ティボ"}],"nameIdentifiers":[{"nameIdentifier":"0","nameIdentifierScheme":"WEKO"}]}]},"item_1_date_granted_11":{"attribute_name":"学位授与年月日","attribute_value_mlt":[{"subitem_dategranted":"2011-09-30"}]},"item_1_degree_grantor_5":{"attribute_name":"学位授与機関","attribute_value_mlt":[{"subitem_degreegrantor":[{"subitem_degreegrantor_name":"総合研究大学院大学"}]}]},"item_1_degree_name_6":{"attribute_name":"学位名","attribute_value_mlt":[{"subitem_degreename":"博士(情報学)"}]},"item_1_description_12":{"attribute_name":"要旨","attribute_value_mlt":[{"subitem_description":"Network traffic anomalies stand for a large fraction of the Internet traffic and\r\ncompromise the performance of the network resources. Detecting and diagnos-\r\ning these threats is a laborious and time consuming task that network operators\r\nface daily. During the last decade researchers have concentrated their efforts\r\non this problem and proposed several tools to automate this task. Thereby,\r\nrecent advances in anomaly detection have permitted to detect new or unknown\r\nanomalies by taking advantage of statistical analysis of the traffic. In spite of\r\nthe advantages of these detection methods, researchers have reported several\r\ncommon drawbacks discrediting their use in practice. Indeed, the challenge of\r\nunderstanding the relation between the theory underlying these methods and\r\nthe actual Internet traffic raises several issues. For example, the difficulty of\r\nselecting the optimal parameter set for these methods mitigates their perfor-\r\nmance and prevent network operators from using them. Moreover, due to the\r\nlack of ground truth data, approximate evaluations of these detection methods\r\nprevent to provide accurate feedback on them and increase their reliability. We\r\naddress these issues, first, by proposing a pattern-recognition-based detection\r\nmethod that overcomes the common drawbacks of anomaly detectors based on\r\nstatistical analysis, second, by providing both a benchmark tool that compares\r\nthe results from diverse detectors and ground truth data obtained by combining\r\nseveral anomaly detectors.\r\n   The proposed pattern-recognition-based detector takes advantage of image\r\nprocessing techniques to provide intuitive outputs and parameter set. An adap-\r\ntive mechanism automatically tuning its parameter set according to traffic fluc-\r\ntuations is also proposed. The resulting adaptive anomaly detector is easily\r\nusable in practice, performs a high detection rate, and provides intuitive de-\r\nscription of the anomalies allowing to identify their root causes.\r\n   A benchmark methodology is also developed in order to compare several\r\ndetectors based on different theoretical background. This methodology allows\r\nresearchers to accurately identify the differences between the results of diverse\r\ndetectors. We employ this methodology along with an unsupervised combina-\r\ntion strategy to combine the output of four anomaly detectors. Thereby, the\r\ncombination strategy increases the overall reliability of the combined detectors\r\nand it detects two times more anomalies than the best detector. We provide\r\nthe results of this combination of detectors in the form of ground truth data\r\ncontaining various anomalies during 10 years of traffic.","subitem_description_type":"Other"}]},"item_1_description_18":{"attribute_name":"フォーマット","attribute_value_mlt":[{"subitem_description":"application/pdf","subitem_description_type":"Other"}]},"item_1_description_7":{"attribute_name":"学位記番号","attribute_value_mlt":[{"subitem_description":"総研大甲第1456号","subitem_description_type":"Other"}]},"item_1_select_14":{"attribute_name":"所蔵","attribute_value_mlt":[{"subitem_select_item":"有"}]},"item_1_select_8":{"attribute_name":"研究科","attribute_value_mlt":[{"subitem_select_item":"複合科学研究科"}]},"item_1_select_9":{"attribute_name":"専攻","attribute_value_mlt":[{"subitem_select_item":"17 情報学専攻"}]},"item_1_text_10":{"attribute_name":"学位授与年度","attribute_value_mlt":[{"subitem_text_value":"2011"}]},"item_creator":{"attribute_name":"著者","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"FONTUGNE, Romain Thibault","creatorNameLang":"en"}],"nameIdentifiers":[{"nameIdentifier":"0","nameIdentifierScheme":"WEKO"}]}]},"item_files":{"attribute_name":"ファイル情報","attribute_type":"file","attribute_value_mlt":[{"accessrole":"open_date","date":[{"dateType":"Available","dateValue":"2016-02-17"}],"displaytype":"simple","filename":"甲1456_要旨.pdf","filesize":[{"value":"261.4 kB"}],"format":"application/pdf","licensetype":"license_11","mimetype":"application/pdf","url":{"label":"要旨・審査要旨","url":"https://ir.soken.ac.jp/record/2686/files/甲1456_要旨.pdf"},"version_id":"5f0a8748-1753-4cf3-be74-dc7758cdf44d"},{"accessrole":"open_date","date":[{"dateType":"Available","dateValue":"2016-02-17"}],"displaytype":"simple","filename":"甲1456_本文.pdf","filesize":[{"value":"7.9 MB"}],"format":"application/pdf","licensetype":"license_11","mimetype":"application/pdf","url":{"label":"本文","url":"https://ir.soken.ac.jp/record/2686/files/甲1456_本文.pdf"},"version_id":"662238e2-6e7e-48cb-adb2-444740cb7c70"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"eng"}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourcetype":"thesis","resourceuri":"http://purl.org/coar/resource_type/c_46ec"}]},"item_title":"Increasing Reliability in Network Traffic Anomaly Detection","item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"Increasing Reliability in Network Traffic Anomaly Detection"},{"subitem_title":"Increasing Reliability in Network Traffic Anomaly Detection","subitem_title_language":"en"}]},"item_type_id":"1","owner":"21","path":["19"],"pubdate":{"attribute_name":"公開日","attribute_value":"2012-04-02"},"publish_date":"2012-04-02","publish_status":"0","recid":"2686","relation_version_is_last":true,"title":["Increasing Reliability in Network Traffic Anomaly Detection"],"weko_creator_id":"21","weko_shared_id":-1},"updated":"2023-06-20T15:46:52.698519+00:00"}