{"title":"An Application of Robust Principal Component Analysis Methods for Anomaly Detection","authors":"Kubra Bagci, H. E. Çelik","doi":"10.55525/tjst.1293057","DOIUrl":null,"url":null,"abstract":"Ensuring a secure network environment is crucial, especially with the increasing number of threats and attacks on digital systems. Implementing effective security measures, such as anomaly detection can help detect any abnormal traffic patterns. Several statistical and machine learning aproaches are used to detect network anomalies including robust statistical methods. Robust methods can help identifying abnormal traffic patterns and distinguish them from the normal traffic accurately. In this study, a robust Principal Component Analysis (PCA) method called ROBPCA which is known for its extensive use in the literature of chemometrics and genetics is utilized for detecting network anomalies and compared with another robust PCA method called PCAGRID. The anomaly detection performances of these methods are evaluated by injecting synthetic traffic volume into a well-known traffic matrix. According to the application results, when the normal subspace contaminated with large anomalies the ROBPCA method provided much better performance in detecting anomalies.","PeriodicalId":516893,"journal":{"name":"Turkish Journal of Science and Technology","volume":"23 7","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Turkish Journal of Science and Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.55525/tjst.1293057","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Ensuring a secure network environment is crucial, especially with the increasing number of threats and attacks on digital systems. Implementing effective security measures, such as anomaly detection can help detect any abnormal traffic patterns. Several statistical and machine learning aproaches are used to detect network anomalies including robust statistical methods. Robust methods can help identifying abnormal traffic patterns and distinguish them from the normal traffic accurately. In this study, a robust Principal Component Analysis (PCA) method called ROBPCA which is known for its extensive use in the literature of chemometrics and genetics is utilized for detecting network anomalies and compared with another robust PCA method called PCAGRID. The anomaly detection performances of these methods are evaluated by injecting synthetic traffic volume into a well-known traffic matrix. According to the application results, when the normal subspace contaminated with large anomalies the ROBPCA method provided much better performance in detecting anomalies.