Conference Proceedings

The role of KL divergence in anomaly detection

L Zhang, D Veitch, K Ramamohanarao

Proceedings of the ACM SIGMETRICS joint international conference on Measurement and modeling of computer systems | Published : 2011

Abstract

We study the role of Kullback-Leibler divergence in the framework of anomaly detection, where its abilities as a statistic underlying detection have never been investigated in depth. We give an in-principle analysis of network attack detection, showing explicitly attacks may be masked at minimal cost through 'camouflage'. We illustrate on both synthetic distributions and ones taken from real traffic.

University of Melbourne Researchers

Citation metrics