Please use this identifier to cite or link to this item:
Scopus Web of Science® Altmetric
Type: Journal article
Title: The need for simulation in evaluating anomaly detectors
Author: Ringberg, H.
Roughan, M.
Rexford, J.
Citation: Computer Communications Review, 2008; 38(1):55-59
Publisher: Assoc Computing Machinery
Issue Date: 2008
ISSN: 0146-4833
Statement of
Haakon Ringberg; Matthew Roughan; Jennifer Rexford
Abstract: <jats:p>Anomalous events that affect the performance of networks are a fact of life. It is therefore not surprising that recent years have seen an explosion in research on network anomaly detection. What is quite surprising, however, is the lack of controlled evaluation of these detectors. In this paper we argue that there are numerous important questions regarding the effectiveness of anomaly detectors that cannot be answered by the evaluation techniques employed today. We present four central requirements of a rigorous evaluation that can only be met by simulating both the anomaly and its surrounding environment. While simulation is necessary, it is not sufficient. We therefore present an outline of an evaluation methodology that leverages both simulation and traces from operational networks</jats:p>
Description: Copyright © 2008 ACM, Inc.
DOI: 10.1145/1341431.1341443
Appears in Collections:Applied Mathematics publications
Aurora harvest 5

Files in This Item:
There are no files associated with this item.

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.