1st Edition

Network Anomaly Detection
A Machine Learning Perspective

ISBN 9781466582088
Published June 18, 2013 by Chapman and Hall/CRC
366 Pages, 71 B/W Illustrations



Book Description

With the rapid rise in the ubiquity and sophistication of Internet technology and the accompanying growth in the number of network attacks, network intrusion detection has become increasingly important. Anomaly-based network intrusion detection refers to finding exceptional or nonconforming patterns in network traffic data compared to normal behavior. Finding these anomalies has extensive applications in areas such as cyber security, credit card and insurance fraud detection, and military surveillance for enemy activities. Network Anomaly Detection: A Machine Learning Perspective presents machine learning techniques in depth to help you more effectively detect and counter network intrusion.

In this book, you’ll learn about:

  • Network anomalies and vulnerabilities at various layers
  • The pros and cons of various machine learning techniques and algorithms
  • A taxonomy of attacks based on their characteristics and behavior
  • Feature selection algorithms
  • How to assess the accuracy, performance, completeness, timeliness, stability, interoperability, reliability, and other dynamic aspects of a network anomaly detection system
  • Practical tools for launching attacks, capturing packet or flow traffic, extracting features, detecting attacks, and evaluating detection performance
  • Important unresolved issues and research challenges that need to be overcome to provide better protection for networks

Examining numerous attacks in detail, the authors look at the tools that intruders use and show how to use this knowledge to protect networks. The book also provides material for hands-on development, so that you can code on a testbed to implement detection methods toward the development of your own intrusion detection system. It offers a thorough introduction to the state of the art in network anomaly detection using machine learning approaches and systems.

Table of Contents

The Internet and Modern Networks
Network Vulnerabilities
Anomalies and Anomalies in Networks
Machine Learning
Prior Work on Network Anomaly Detection
Contributions of This Book

Networks and Anomalies
Networking Basics
Anomalies in a Network

An Overview of Machine Learning Methods
Types of Machine Learning Methods
Supervised Learning: Some Popular Methods
Unsupervised Learning
Probabilistic Learning
Soft Computing
Reinforcement Learning
Hybrid Learning Methods

Detecting Anomalies in Network Data
Detection of Network Anomalies
Aspects of Network Anomaly Detection

Feature Selection
Feature Selection vs. Feature Extraction
Feature Relevance
Applications of Feature Selection
Prior Surveys on Feature Selection
Problem Formulation
Steps in Feature Selection
Feature Selection Methods: A Taxonomy
Existing Methods of Feature Selection
Subset Evaluation Measures
Systems and Tools for Feature Selection

Approaches to Network Anomaly Detection
Network Anomaly Detection Methods
Types of Network Anomaly Detection Methods
Anomaly Detection Using Supervised Learning
Anomaly Detection Using Unsupervised Learning
Anomaly Detection Using Probabilistic Learning
Anomaly Detection Using Soft Computing
Knowledge in Anomaly Detection
Anomaly Detection Using Combination Learners

Evaluation Methods
Data Quality, Validity and Reliability
Alert Information
Unknown Attacks Detection
Updating References

Tools and Systems
Attack Related Tools
Attack Detection Systems

Open Issues, Challenges and Concluding Remarks
Runtime Limitations for Anomaly Detection Systems
Reducing the False Alarm Rate
Issues in Dimensionality Reduction
Computational Needs of Network Defense Mechanisms
Designing Generic Anomaly Detection Systems
Handling Sophisticated Anomalies
Adaptability to Unknown Attacks
Detecting and Handling Large-Scale Attacks
Infrastructure Attacks
High Intensity Attacks
More Inventive Attacks
Concluding Remarks





Dhruba Kumar Bhattacharyya is a professor in computer science and engineering at Tezpur University. Professor Bhattacharyya's research areas include network security, data mining, and bioinformatics. He has published more than 180 research articles in leading international journals and peer-reviewed conference proceedings. Dr. Bhattacharyya has written or edited seven technical books in English and two technical reference books in Assamese. He is on the editorial board of several international journals and has also been associated with several international conferences. For more about Dr. Bhattacharyya, see his profile at Tezpur University.

Jugal Kumar Kalita teaches computer science at the University of Colorado, Colorado Springs. His expertise is in the areas of artificial intelligence and machine learning, and the application of techniques in machine learning to network security, natural language processing, and bioinformatics. He has published 115 papers in journals and refereed conferences, and is the author of a book on Perl. He received the Chancellor's Award at the University of Colorado in 2011, in recognition of lifelong excellence in teaching, research, and service. For more about Dr. Kalita, see his profile at the University of Colorado.