Please use this identifier to cite or link to this item:
|Scopus||Web of Science®||Altmetric|
|Title:||The need for simulation in evaluating anomaly detectors|
|Citation:||Computer Communication Review, 2008; 38(1):55-59|
|Publisher:||Assoc Computing Machinery|
|Haakon Ringberg; Matthew Roughan; Jennifer Rexford|
|Abstract:||<jats:p>Anomalous events that affect the performance of networks are a fact of life. It is therefore not surprising that recent years have seen an explosion in research on network anomaly detection. What is quite surprising, however, is the lack of controlled evaluation of these detectors. In this paper we argue that there are numerous important questions regarding the effectiveness of anomaly detectors that cannot be answered by the evaluation techniques employed today. We present four central requirements of a rigorous evaluation that can only be met by simulating both the anomaly and its surrounding environment. While simulation is necessary, it is not sufficient. We therefore present an outline of an evaluation methodology that leverages both simulation and traces from operational networks</jats:p>|
|Description:||Copyright © 2008 ACM, Inc.|
|Appears in Collections:||Applied Mathematics publications|
Files in This Item:
There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.