Open Access
OUTLIER DETECTION METHOD USE FOR THE NETWORK FLOW ANOMALY DETECTION / IŠSKIRČIŲ RADIMO METODŲ TAIKYMAS ANOMALIJOMS KOMPIUTERIŲ TINKLO PAKETŲ SRAUTUOSE APTIKTI
Author(s) - Rimas Ciplinskas, Nerijus Paulauskas
Publication year - 2016
Publication title - mokslas - lietuvos ateitis
Language(s) - English
Resource type - Journals
eISSN - 2029-2341
pISSN - 2029-2252
DOI - 10.3846/mla.2016.928
Subject(s) - anomaly detection , anomaly (physics) , outlier , computer science , artificial intelligence , physics , condensed matter physics
New and existing methods of cyber-attack detection are constantly being developed and improved because there is a great number of attacks and a demand for protection from them. In practice, current methods of attack detection operate like antivirus programs, i.e. signatures of known attacks are created and attacks are detected by using them. These methods have a drawback: they cannot detect new attacks. As a solution, anomaly detection methods are used. They make it possible to detect deviations from normal network behaviour that may indicate a new type of attack. This article introduces a new method that detects network flow anomalies by using the local outlier factor algorithm. The research identified the groups of features that showed the best results of anomalous flow detection according to the highest values of precision, recall and F-measure.