Institute of Computing Technology, Chinese Academy IR
| Interactive Anomaly Detection in Dynamic Communication Networks | |
| Meng, Xuying1,2; Wang, Yequan1; Wang, Suhang3; Yao, Di1; Zhang, Yujun1,4 | |
| 2021-12-01 | |
| 发表期刊 | IEEE-ACM TRANSACTIONS ON NETWORKING
 |
| ISSN | 1063-6692 |
| 卷号 | 29期号:6页码:2602-2615 |
| 摘要 | Network flows are the basic components of the Internet. Considering the serious consequences of abnormal flows, it is crucial to provide timely anomaly detection in dynamic communication networks. To obtain accurate anomaly detection results in dynamic networks, supervision from experts is highly demanded. However, to obtain high-quality ground truth of abnormal flows, we suffer from two major problems: (1) limited labor resources: experts with the latest domain knowledge are much fewer than the large number of flows; and (2) dynamic environment: considering the new abnormal patterns (i.e., new attacks) and continuously changing network structures, it requires timely supervision to adaptively update the parameters. To tackle these problems, we propose HADDN, a novel bandit framework for periodic-updated anomaly detection in dynamic communication networks. We formulate the task as a bandit problem, where by interactions, supervision is offered by human experts to provide the ground truth to a fraction of flows. We construct semi-parametric expected rewards to optimize the estimation of flows' abnormality in limited interactions. Also, we utilize feature-based clusters and structural correlations to make connections between historical flows and new flows to improve both efficiency and accuracy of abnormality estimation. What's more, we provide two implementations for the semi-parametric expected reward of the proposed HADDN with theoretical proof. Experimental evaluations on public datasets demonstrate the substantial improvement of our proposed approaches compared to state-of-art anomaly detection methods. |
| 关键词 | Anomaly detection Communication networks Feature extraction Estimation Adaptation models Internet Task analysis Anomaly detection interactive learning dynamic networks communication networks semi-parametric bandits |
| DOI | 10.1109/TNET.2021.3097137 |
| 收录类别 | SCI |
| 语种 | 英语 |
| 资助项目 | National Science Foundation of China[61902382] ; National Science Foundation of China[61972381] ; National Science Foundation of China[62002343] ; Research Program of Network Computing Innovation Research Institute[E061010003] ; Strategic Priority Research Program of Chinese Academy of Sciences[XDC02030500] ; Key Deployment Project of the Chinese Academy of Sciences[KFZD-SW-440] |
| WOS研究方向 | Computer Science ; Engineering ; Telecommunications |
| WOS类目 | Computer Science, Hardware & Architecture ; Computer Science, Theory & Methods ; Engineering, Electrical & Electronic ; Telecommunications |
| WOS记录号 | WOS:000731147300020 |
| 出版者 | IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC |
| 引用统计 | |
| 文献类型 | 期刊论文 |
| 条目标识符 | http://119.78.100.204/handle/2XEOYT63/17979 |
| 专题 | 中国科学院计算技术研究所期刊论文_英文 |
| 通讯作者 | Zhang, Yujun |
| 作者单位 | 1.Chinese Acad Sci, Inst Comp Technol, Beijing 100190, Peoples R China 2.Purple Mt Labs, Nanjing 211111, Peoples R China 3.Penn State Univ, Coll Informat Sci & Technol, University Pk, PA 16802 USA 4.Univ Chinese Acad Sci, Dept Comp Sci & Technol, Beijing 100049, Peoples R China |
| 推荐引用方式 GB/T 7714 | Meng, Xuying,Wang, Yequan,Wang, Suhang,et al. Interactive Anomaly Detection in Dynamic Communication Networks[J]. IEEE-ACM TRANSACTIONS ON NETWORKING,2021,29(6):2602-2615. |
| APA | Meng, Xuying,Wang, Yequan,Wang, Suhang,Yao, Di,&Zhang, Yujun.(2021).Interactive Anomaly Detection in Dynamic Communication Networks.IEEE-ACM TRANSACTIONS ON NETWORKING,29(6),2602-2615. |
| MLA | Meng, Xuying,et al."Interactive Anomaly Detection in Dynamic Communication Networks".IEEE-ACM TRANSACTIONS ON NETWORKING 29.6(2021):2602-2615. |
| 条目包含的文件 | 条目无相关文件。 | |||||
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论